Vulnerability Details : CVE-2018-5407
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
Vulnerability category: Information leak
Products affected by CVE-2018-5407
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server:0.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_server:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
- Oracle » Primavera P6 Enterprise Project Portfolio ManagementVersions from including (>=) 17.7 and up to, including, (<=) 17.12cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql_enterprise_backup:*:*:*:*:*:*:*:*
- Oracle » Mysql Enterprise BackupVersions from including (>=) 3.12.4 and up to, including, (<=) 4.1.2cpe:2.3:a:oracle:mysql_enterprise_backup:*:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
- cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*
- cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*
- cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*
- cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-5407
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 24 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-5407
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
1.9
|
LOW | AV:L/AC:M/Au:N/C:P/I:N/A:N |
3.4
|
2.9
|
NIST | |
4.7
|
MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.0
|
3.6
|
NIST |
CWE ids for CVE-2018-5407
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: cret@cert.org (Secondary)
-
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-5407
-
https://www.oracle.com/security-alerts/cpujan2020.html
Oracle Critical Patch Update Advisory - January 2020Patch;Third Party Advisory
-
https://eprint.iacr.org/2018/1060.pdf
Technical Description;Third Party Advisory
-
https://www.oracle.com/security-alerts/cpuapr2020.html
Oracle Critical Patch Update Advisory - April 2020Patch;Third Party Advisory
-
https://www.tenable.com/security/tns-2018-17
[R1] Nessus 7.1.4 Fixes Multiple Third-party Vulnerabilities - Security Advisory | Tenable®Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:3931
RHSA-2019:3931 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://usn.ubuntu.com/3840-1/
USN-3840-1: OpenSSL vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://support.f5.com/csp/article/K49711130?utm_source=f5support&utm_medium=RSS
Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:2125
RHSA-2019:2125 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:0483
RHSA-2019:0483 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://www.tenable.com/security/tns-2018-16
[R1] Nessus 8.1.1 Fixes Multiple Third-party Vulnerabilities - Security Advisory | Tenable®Third Party Advisory
-
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
Oracle Critical Patch Update - July 2019Patch;Third Party Advisory
-
https://github.com/bbbrumley/portsmash
GitHub - bbbrumley/portsmashExploit;Third Party Advisory
-
http://www.securityfocus.com/bid/105897
OpenSSL CVE-2018-5407 Side Channel Attack Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
-
https://security.netapp.com/advisory/ntap-20181126-0001/
CVE-2018-5407 Simultaneous Multithreading Side-Channel Information Disclosure Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html
[SECURITY] [DLA 1586-1] openssl security updateMailing List;Third Party Advisory
-
https://www.exploit-db.com/exploits/45785/
Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-ChannelExploit;Third Party Advisory;VDB Entry
-
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
November 2018 Security Releases | Node.jsThird Party Advisory
-
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Oracle Critical Patch Update - April 2019Patch;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:0651
RHSA-2019:0651 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:3935
RHSA-2019:3935 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Oracle Critical Patch Update - January 2019Patch;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2019:3932
RHSA-2019:3932 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:3933
RHSA-2019:3933 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://www.debian.org/security/2018/dsa-4348
Debian -- Security Information -- DSA-4348-1 opensslThird Party Advisory
-
https://security.gentoo.org/glsa/201903-10
OpenSSL: Multiple vulnerabilities (GLSA 201903-10) — Gentoo securityThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:3929
RHSA-2019:3929 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:0652
RHSA-2019:0652 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://www.debian.org/security/2018/dsa-4355
Debian -- Security Information -- DSA-4355-1 openssl1.0Third Party Advisory
Jump to