CVE-2020-8696

medium

Description

Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381

https://security.netapp.com/advisory/ntap-20201113-0006/

https://lists.fedoraproject.org/archives/list/[email protected]/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/

https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html

Details

Source: MITRE

Published: 2020-11-12

Updated: 2021-07-02

Type: CWE-212

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM