Vulnerability Details : CVE-2018-3615
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Exploit prediction scoring system (EPSS) score for CVE-2018-3615
Probability of exploitation activity in the next 30 days: 0.05%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 15 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2018-3615
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
5.4
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:P/A:N |
3.4
|
7.8
|
[email protected] |
|
6.4
|
MEDIUM | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N |
1.1
|
4.7
|
[email protected] |
CWE ids for CVE-2018-3615
-
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.Assigned by: [email protected] (Primary)
References for CVE-2018-3615
- https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
-
http://www.securityfocus.com/bid/105080
Third Party Advisory;VDB Entry
-
https://foreshadowattack.eu/
Technical Description;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20180815-0001/
Third Party Advisory
-
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
Third Party Advisory
-
https://www.kb.cert.org/vuls/id/982149
Third Party Advisory
-
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
Third Party Advisory
-
http://www.securitytracker.com/id/1041451
Third Party Advisory;VDB Entry
-
https://www.synology.com/support/security/Synology_SA_18_45
Third Party Advisory
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
Third Party Advisory
-
http://support.lenovo.com/us/en/solutions/LEN-24163
Third Party Advisory
-
https://support.f5.com/csp/article/K35558453
Third Party Advisory
-
https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
Mitigation;Vendor Advisory
-
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008
Third Party Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
- https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
-
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
Vendor Advisory
Products affected by CVE-2018-3615
- cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*
- cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*