CVE-2020-8698

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381

https://security.netapp.com/advisory/ntap-20201113-0006/

https://lists.fedoraproject.org/archives/list/[email protected]/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/

https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html

https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf

Details

Source: MITRE

Published: 2020-11-12

Updated: 2021-07-21

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*

Configuration 3

AND

OR

cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*

Configuration 5

AND

OR

cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

Configuration 7

OR

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Tenable Plugins

View all (60 total)

IDNameProductFamilySeverity
152965RHEL 7 : microcode_ctl (RHSA-2021:3323)NessusRed Hat Local Security Checks
high
152955RHEL 7 : microcode_ctl (RHSA-2021:3322)NessusRed Hat Local Security Checks
high
152930RHEL 8 : microcode_ctl (RHSA-2021:3364)NessusRed Hat Local Security Checks
high
152926RHEL 7 : microcode_ctl (RHSA-2021:3317)NessusRed Hat Local Security Checks
high
152779RHEL 7 : microcode_ctl (RHSA-2021:3255)NessusRed Hat Local Security Checks
high
152627RHEL 8 : microcode_ctl (RHSA-2021:3176)NessusRed Hat Local Security Checks
high
152447RHEL 7 : microcode_ctl (RHSA-2021:3029)NessusRed Hat Local Security Checks
high
152367CentOS 8 : microcode_ctl (CESA-2021:3027)NessusCentOS Local Security Checks
high
152366Oracle Linux 7 : microcode_ctl (ELSA-2021-3028)NessusOracle Linux Local Security Checks
high
152365Oracle Linux 8 : microcode_ctl (ELSA-2021-3027)NessusOracle Linux Local Security Checks
high
152364Scientific Linux Security Update : microcode_ctl on SL7.x x86_64 (2021:3028)NessusScientific Linux Local Security Checks
high
152360CentOS 7 : microcode_ctl (CESA-2021:3028)NessusCentOS Local Security Checks
high
152353RHEL 7 : microcode_ctl (RHSA-2021:3028)NessusRed Hat Local Security Checks
high
152351RHEL 8 : microcode_ctl (RHSA-2021:3027)NessusRed Hat Local Security Checks
high
150603SUSE SLES11 Security Update : microcode_ctl (SUSE-SU-2020:14546-1)NessusSuSE Local Security Checks
medium
150541SUSE SLES11 Security Update : microcode_ctl (SUSE-SU-2020:14540-1)NessusSuSE Local Security Checks
medium
149521Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : Intel Microcode vulnerabilities (USN-4628-3)NessusUbuntu Local Security Checks
medium
147710NewStart CGSL CORE 5.04 / MAIN 5.04 : microcode_ctl Multiple Vulnerabilities (NS-SA-2021-0040)NessusNewStart CGSL Local Security Checks
medium
147405NewStart CGSL MAIN 4.06 : microcode_ctl Multiple Vulnerabilities (NS-SA-2021-0001)NessusNewStart CGSL Local Security Checks
medium
147243NewStart CGSL MAIN 6.02 : microcode_ctl Multiple Vulnerabilities (NS-SA-2021-0079)NessusNewStart CGSL Local Security Checks
medium
146278Debian DLA-2546-1 : intel-microcode security updateNessusDebian Local Security Checks
medium
145932CentOS 8 : microcode_ctl (CESA-2020:5085)NessusCentOS Local Security Checks
medium
144442Virtuozzo 7 : microcode_ctl (VZLSA-2020-5083)NessusVirtuozzo Local Security Checks
medium
143852SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2020:3372-1)NessusSuSE Local Security Checks
medium
143841SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2020:3279-1)NessusSuSE Local Security Checks
medium
143814SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2020:3457-1)NessusSuSE Local Security Checks
medium
143763SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2020:3276-1)NessusSuSE Local Security Checks
medium
143735SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2020:3514-1)NessusSuSE Local Security Checks
medium
143728SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2020:3373-1)NessusSuSE Local Security Checks
medium
143719SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2020:3271-1)NessusSuSE Local Security Checks
medium
143624SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2020:3274-1)NessusSuSE Local Security Checks
medium
143603RHEL 8 : microcode_ctl (RHSA-2020:5369)NessusRed Hat Local Security Checks
medium
143339openSUSE Security Update : ucode-intel (openSUSE-2020-2098)NessusSuSE Local Security Checks
medium
143330Fedora 32 : 2:microcode_ctl (2020-1afbe7ba2d)NessusFedora Local Security Checks
medium
143297openSUSE Security Update : ucode-intel (openSUSE-2020-2075)NessusSuSE Local Security Checks
medium
143212RHEL 7 : microcode_ctl (RHSA-2020:5182)NessusRed Hat Local Security Checks
medium
143211RHEL 6 : microcode_ctl (RHSA-2020:5189)NessusRed Hat Local Security Checks
medium
143209RHEL 6 : microcode_ctl (RHSA-2020:5184)NessusRed Hat Local Security Checks
medium
143208RHEL 8 : microcode_ctl (RHSA-2020:5186)NessusRed Hat Local Security Checks
medium
143205RHEL 8 : microcode_ctl (RHSA-2020:5185)NessusRed Hat Local Security Checks
medium
143204RHEL 7 : microcode_ctl (RHSA-2020:5190)NessusRed Hat Local Security Checks
medium
143203RHEL 7 : microcode_ctl (RHSA-2020:5183)NessusRed Hat Local Security Checks
medium
143202RHEL 7 : microcode_ctl (RHSA-2020:5188)NessusRed Hat Local Security Checks
medium
143200RHEL 7 : microcode_ctl (RHSA-2020:5181)NessusRed Hat Local Security Checks
medium
143171Fedora 33 : 2:microcode_ctl (2020-2c8824c6b1)NessusFedora Local Security Checks
medium
143137Fedora 31 : 2:microcode_ctl (2020-14fda1bf85)NessusFedora Local Security Checks
medium
143132OracleVM 3.4 : microcode_ctl (OVMSA-2020-0053)NessusOracleVM Local Security Checks
medium
143113CentOS 7 : microcode_ctl (CESA-2020:5083)NessusCentOS Local Security Checks
medium
143043Security Updates for Windows 10 / Windows Server 2016 / Windows Server 2019 (November 2020)NessusWindows : Microsoft Bulletins
medium
142999Scientific Linux Security Update : microcode_ctl on SL6.x i686/x86_64 (2020:5084)NessusScientific Linux Local Security Checks
medium
142964Oracle Linux 7 : microcode_ctl (ELSA-2020-5083)NessusOracle Linux Local Security Checks
medium
142963Oracle Linux 8 : microcode_ctl (ELSA-2020-5085)NessusOracle Linux Local Security Checks
medium
142961Oracle Linux 6 : microcode_ctl (ELSA-2020-5084)NessusOracle Linux Local Security Checks
medium
142938openSUSE Security Update : ucode-intel (openSUSE-2020-1915)NessusSuSE Local Security Checks
medium
142929openSUSE Security Update : ucode-intel (openSUSE-2020-1923)NessusSuSE Local Security Checks
medium
142817Scientific Linux Security Update : microcode_ctl on SL7.x x86_64 (2020:5083)NessusScientific Linux Local Security Checks
medium
142731Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : Intel Microcode vulnerabilities (USN-4628-1)NessusUbuntu Local Security Checks
medium
142716RHEL 6 : microcode_ctl (RHSA-2020:5084)NessusRed Hat Local Security Checks
medium
142715RHEL 7 : microcode_ctl (RHSA-2020:5083)NessusRed Hat Local Security Checks
medium
142714RHEL 8 : microcode_ctl (RHSA-2020:5085)NessusRed Hat Local Security Checks
medium