Details of VAR-201807-1705

ID

VAR-201807-1705

CVE

CVE-2018-3619

TITLE

Intel Optane Memory module Whole Disk Encryption Vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2018-007984

DESCRIPTION

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. An attacker could exploit this vulnerability to obtain data. The following products are affected: Intel 7th Gen Intel Core Desktop Processors; 8th Gen Intel Core Desktop Processors; 8th Gen Intel Core Mobile Processors; Intel Core X-Series Processors; Intel Xeon® E Processors

Trust: 1.71

sources: NVD: CVE-2018-3619 // JVNDB: JVNDB-2018-007984 // VULHUB: VHN-133650

AFFECTED PRODUCTS

vendor:	intel	model:	core i5	scope:	eq	version:	8265u	Trust: 1.6
vendor:	intel	model:	core i5	scope:	eq	version:	8259u	Trust: 1.6
vendor:	intel	model:	core i5	scope:	eq	version:	7640x	Trust: 1.6
vendor:	intel	model:	core i5	scope:	eq	version:	8300h	Trust: 1.6
vendor:	intel	model:	core i7	scope:	eq	version:	3820	Trust: 1.6
vendor:	intel	model:	core i5	scope:	eq	version:	7y54	Trust: 1.6
vendor:	intel	model:	core i5	scope:	eq	version:	8350u	Trust: 1.6
vendor:	intel	model:	core i7	scope:	eq	version:	3920xm	Trust: 1.6
vendor:	intel	model:	core i5	scope:	eq	version:	8269u	Trust: 1.6
vendor:	intel	model:	core i5	scope:	eq	version:	8305g	Trust: 1.6
vendor:	intel	model:	core i5	scope:	eq	version:	8600	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7600u	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8500y	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7600	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	8400	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8700t	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	8100h	Trust: 1.0
vendor:	intel	model:	xeon e-2124g	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	xeon e-2144g	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	xeon e-2136	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8550u	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	3970x	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8850h	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	8300t	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7267u	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8650u	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	4820k	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7820hq	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	8100	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7560u	Trust: 1.0
vendor:	intel	model:	xeon e-2126g	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	3940xm	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7020u	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7101te	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	8500	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7y75	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7600k	Trust: 1.0
vendor:	intel	model:	xeon e-2176m	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i9	scope:	eq	version:	7960x	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7820eq	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7101e	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8709g	Trust: 1.0
vendor:	intel	model:	xeon e-2176g	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7700hq	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7300t	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	8500t	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8700k	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7740x	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	6850k	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8559u	Trust: 1.0
vendor:	intel	model:	xeon e-2124	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7300u	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	8400t	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7440hq	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	8400b	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7287u	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7400t	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7700k	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7300	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8809g	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7167u	Trust: 1.0
vendor:	intel	model:	xeon e-2146g	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7100t	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	6900k	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8706g	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7300hq	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8086k	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	4930mx	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7800x	Trust: 1.0
vendor:	intel	model:	core i9	scope:	eq	version:	7900x	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	8130u	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	8100t	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	6800k	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7130u	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	6950x	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7600t	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	8109u	Trust: 1.0
vendor:	intel	model:	xeon e-2186g	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i9	scope:	eq	version:	7940x	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	4930k	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	8500b	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	8200y	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	8145u	Trust: 1.0
vendor:	intel	model:	xeon e-2186m	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7700	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7100h	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8700	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7567u	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7360u	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7320	Trust: 1.0
vendor:	intel	model:	core m3	scope:	eq	version:	8100y	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	3960x	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7350k	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7820hk	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	4960x	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	5960x	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8705g	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7700t	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	8600t	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	5930k	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	4940mx	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	5820k	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7820x	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8565u	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7500u	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7102e	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	8250u	Trust: 1.0
vendor:	intel	model:	xeon e-2134	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7100	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8700b	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7920hq	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7260u	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	8350k	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	3930k	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	8750h	Trust: 1.0
vendor:	intel	model:	core i9	scope:	eq	version:	7920x	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7y57	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7442eq	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7500t	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7500	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	8400h	Trust: 1.0
vendor:	intel	model:	core i9	scope:	eq	version:	7980xe	Trust: 1.0
vendor:	intel	model:	xeon e-2174g	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7400	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7100u	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	8300	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7440eq	Trust: 1.0
vendor:	intel	model:	core i7	scope:	eq	version:	7660u	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	7200u	Trust: 1.0
vendor:	intel	model:	core i5	scope:	eq	version:	8600k	Trust: 1.0
vendor:	intel	model:	core i3	scope:	eq	version:	7100e	Trust: 1.0
vendor:	intel	model:	core i9	scope:	eq	version:	8950hk	Trust: 1.0
vendor:	intel	model:	core i3	scope:	-	version:	-	Trust: 0.8
vendor:	intel	model:	core i5	scope:	-	version:	-	Trust: 0.8
vendor:	intel	model:	core i7	scope:	-	version:	-	Trust: 0.8
vendor:	intel	model:	core i9	scope:	-	version:	-	Trust: 0.8
vendor:	intel	model:	core m3	scope:	-	version:	-	Trust: 0.8
vendor:	intel	model:	xeon e	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2018-007984 // CNNVD: CNNVD-201807-897 // NVD: CVE-2018-3619

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-3619
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-3619
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201807-897
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-133650
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2018-3619
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-133650
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-3619
baseSeverity:	MEDIUM
baseScore:	4.6
vectorString:	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	0.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-133650 // JVNDB: JVNDB-2018-007984 // CNNVD: CNNVD-201807-897 // NVD: CVE-2018-3619

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-133650 // JVNDB: JVNDB-2018-007984 // NVD: CVE-2018-3619

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201807-897

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201807-897

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-007984

PATCH

title:

INTEL-SA-00114

url:

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00114.html

Trust: 0.8

sources: JVNDB: JVNDB-2018-007984

EXTERNAL IDS

db:	NVD	id:	CVE-2018-3619	Trust: 2.5
db:	JVNDB	id:	JVNDB-2018-007984	Trust: 0.8
db:	CNNVD	id:	CNNVD-201807-897	Trust: 0.7
db:	VULHUB	id:	VHN-133650	Trust: 0.1

sources: VULHUB: VHN-133650 // JVNDB: JVNDB-2018-007984 // CNNVD: CNNVD-201807-897 // NVD: CVE-2018-3619

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00114.html	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3619	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-3619	Trust: 0.8

sources: VULHUB: VHN-133650 // JVNDB: JVNDB-2018-007984 // CNNVD: CNNVD-201807-897 // NVD: CVE-2018-3619

SOURCES

db:	VULHUB	id:	VHN-133650
db:	JVNDB	id:	JVNDB-2018-007984
db:	CNNVD	id:	CNNVD-201807-897
db:	NVD	id:	CVE-2018-3619

LAST UPDATE DATE

2024-11-23T22:52:01.387000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-133650	date:	2020-04-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-007984	date:	2018-10-04T00:00:00
db:	CNNVD	id:	CNNVD-201807-897	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2018-3619	date:	2024-11-21T04:05:46.863

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-133650	date:	2018-07-10T00:00:00
db:	JVNDB	id:	JVNDB-2018-007984	date:	2018-10-04T00:00:00
db:	CNNVD	id:	CNNVD-201807-897	date:	2018-07-10T00:00:00
db:	NVD	id:	CVE-2018-3619	date:	2018-07-10T21:29:00.763