Vulnerability Details : CVE-2021-33081
Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access.
Vulnerability category: Information leak
Products affected by CVE-2021-33081
- cpe:2.3:o:intel:ssd_pro_6000p_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_s4500_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_s4600_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_pro_7600p_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_760p_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_e_6100p_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_660p_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_p4101_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_d4512_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_p4510_edsff_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_p4511_edsff_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_p4511_m.2_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_d5-p4326_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_p4500_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_p4501_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_p4600_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_p4608_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_600p_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_665p_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_670p_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_700p_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_d3-s4510_m.2_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_p4510_sff_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_d3-s4610_m.2_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_p4610_sff_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_d5-p5316_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_d7_p5510_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_d7_p5600_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_dc_p3100_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:ssd_e_6000p_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-33081
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 11 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-33081
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.4
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
0.8
|
3.6
|
NIST | |
7.9
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H |
1.5
|
5.8
|
Intel Corporation |
CWE ids for CVE-2021-33081
-
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-33081
-
https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf
Mitigation;Vendor Advisory
Jump to