CVE-2021-0148 : Insertion of information into log file in firmware for some Intel(R) SSD DC may

Insertion of information into log file in firmware for some Intel(R) SSD DC may allow a privileged user to potentially enable information disclosure via local access.

Published 2021-11-17 20:15:09

Updated 2021-11-22 19:59:30

Source Intel Corporation

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2021-0148

Intel » Ssd Dc P4618 Firmware
Versions before (<) vdv10182
cpe:2.3:o:intel:ssd_dc_p4618_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd Dc P4618 » Version: N/A
Intel » Ssd Dc D4512 Firmware
Versions before (<) et10
cpe:2.3:o:intel:ssd_dc_d4512_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd Dc D4512 » Version: N/A
Intel » Ssd Dc P4510 U.2 Firmware
Versions before (<) vdv10182
cpe:2.3:o:intel:ssd_dc_p4510_u.2_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd Dc P4510 U.2 » Version: N/A
Intel » Ssd Dc P4510 Edsff Firmware
Versions before (<) vdv10284
cpe:2.3:o:intel:ssd_dc_p4510_edsff_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd Dc P4510 Edsff » Version: N/A
Intel » Ssd Dc P4511 Edsff Firmware
Versions before (<) vdv10284
cpe:2.3:o:intel:ssd_dc_p4511_edsff_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd Dc P4511 Edsff » Version: N/A
Intel » Ssd Dc P4511 M.2 Firmware
Versions before (<) vdv10384
cpe:2.3:o:intel:ssd_dc_p4511_m.2_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd Dc P4511 M.2 » Version: N/A
Intel » Ssd Dc P4610 U.2 Firmware
Versions before (<) vdv10182
cpe:2.3:o:intel:ssd_dc_p4610_u.2_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd Dc P4610 U.2 » Version: N/A
Intel » Ssd D-s4510 Firmware
Versions before (<) xcv10140
cpe:2.3:o:intel:ssd_d-s4510_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D-s4510 » Version: N/A
Intel » Ssd D7-p5608 Firmware
Versions before (<) 2cv1r106
cpe:2.3:o:intel:ssd_d7-p5608_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D7-p5608 » Version: N/A
Intel » Ssd D7-p5500 Firmware
Versions before (<) 1.2.0
cpe:2.3:o:intel:ssd_d7-p5500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D7-p5500 » Version: N/A
Intel » Ssd D7-p5500 Firmware
Versions before (<) 2cv1r106
cpe:2.3:o:intel:ssd_d7-p5500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D7-p5500 » Version: N/A
Intel » Ssd D7-p5500 Firmware
Versions before (<) 2cv1c030
cpe:2.3:o:intel:ssd_d7-p5500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D7-p5500 » Version: N/A
Intel » Ssd D7-p5500 Firmware
Versions before (<) 2cv1l029
cpe:2.3:o:intel:ssd_d7-p5500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D7-p5500 » Version: N/A
Intel » Ssd D7-p5600 Firmware
Versions before (<) 2cv1l029
cpe:2.3:o:intel:ssd_d7-p5600_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D7-p5600 » Version: N/A
Intel » Ssd D7-p5600 Firmware
Versions before (<) 1.2.0
cpe:2.3:o:intel:ssd_d7-p5600_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D7-p5600 » Version: N/A
Intel » Ssd D7-p5600 Firmware
Versions before (<) 2cv1c030
cpe:2.3:o:intel:ssd_d7-p5600_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D7-p5600 » Version: N/A
Intel » Ssd D5-p4320 Firmware
cpe:2.3:o:intel:ssd_d5-p4320_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D5-p4320 » Version: N/A
Intel » Ssd D5-p4420 Firmware
cpe:2.3:o:intel:ssd_d5-p4420_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D5-p4420 » Version: N/A
Intel » Ssd D5-p4326 Firmware
cpe:2.3:o:intel:ssd_d5-p4326_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd D5-p4326 » Version: N/A
Intel » Ssd Dc P4500 Firmware
cpe:2.3:o:intel:ssd_dc_p4500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd Dc P4500 » Version: N/A
Intel » Ssd Dc P4501 Firmware
cpe:2.3:o:intel:ssd_dc_p4501_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd Dc P4501 » Version: N/A
Intel » Ssd Dc P4600 Firmware
cpe:2.3:o:intel:ssd_dc_p4600_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd Dc P4600 » Version: N/A
Intel » Ssd Dc P4608 Firmware
cpe:2.3:o:intel:ssd_dc_p4608_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Ssd Dc P4608 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-0148

EPSS FAQ

0.12%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 28 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-0148

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
4.4	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N	0.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2021-0148

CWE-532 Insertion of Sensitive Information into Log File

The product writes sensitive information to a log file.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-0148

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00535.html

INTEL-SA-00535
Vendor Advisory

Jump to

Vulnerability Details : CVE-2021-0148

Products affected by CVE-2021-0148

Exploit prediction scoring system (EPSS) score for CVE-2021-0148

CVSS scores for CVE-2021-0148

CWE ids for CVE-2021-0148

References for CVE-2021-0148