Vulnerability Details : CVE-2019-0126
Insufficient access control in silicon reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.
Vulnerability category: Denial of service
Products affected by CVE-2019-0126
- cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_platinum_processors_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_gold_processors_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_silver_processors_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_bronze_processors_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-0126
0.13%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 29 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-0126
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
|
6.7
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
0.8
|
5.9
|
NIST |
References for CVE-2019-0126
-
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html
INTEL-SA-00223Vendor Advisory
-
http://www.securityfocus.com/bid/108485
Intel Unified Extensible Firmware Interface Multiple Security Vulnerabilities
-
https://support.f5.com/csp/article/K37428370
Jump to