Sign-up

ID

VAR-201911-0921


CVE

CVE-2019-14590


TITLE

Intel(R) Graphics Driver Vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2019-012133

DESCRIPTION

Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. Intel(R) Graphics Driver Contains an information disclosure vulnerability.Information may be obtained. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A local attacker could exploit this vulnerability to obtain sensitive information

Trust: 1.71

sources: NVD: CVE-2019-14590 // JVNDB: JVNDB-2019-012133 // VULHUB: VHN-146552

AFFECTED PRODUCTS

vendor:intelmodel:graphics driverscope:ltversion:26.20.100.7209

Trust: 1.8

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:netappmodel:solidfire baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:netappmodel:data availability servicesscope:eqversion: -

Trust: 1.0

sources: JVNDB: JVNDB-2019-012133 // NVD: CVE-2019-14590

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-14590
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-14590
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201911-597
value: MEDIUM

Trust: 0.6

VULHUB: VHN-146552
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-14590
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-146552
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-14590
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-14590
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-146552 // JVNDB: JVNDB-2019-012133 // CNNVD: CNNVD-201911-597 // NVD: CVE-2019-14590

PROBLEMTYPE DATA

problemtype:CWE-269

Trust: 1.0

problemtype:CWE-200

Trust: 0.8

sources: JVNDB: JVNDB-2019-012133 // NVD: CVE-2019-14590

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201911-597

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201911-597

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-012133

PATCH
title:INTEL-SA-00242url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html
Trust: 0.8
title:Intel Graphics Driver Repair measures for information disclosure vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=103264
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-012133 // 
            
            
            
            CNNVD: CNNVD-201911-597

EXTERNAL IDS
db:NVDid:CVE-2019-14590
Trust: 2.5
db:JVNid:JVNVU90354904
Trust: 0.8
db:JVNDBid:JVNDB-2019-012133
Trust: 0.8
db:CNNVDid:CNNVD-201911-597
Trust: 0.7
db:LENOVOid:LEN-28235
Trust: 0.6
db:VULHUBid:VHN-146552
Trust: 0.1
sources:
            
            
            VULHUB: VHN-146552 // 
            
            
            
            JVNDB: JVNDB-2019-012133 // 
            
            
            
            CNNVD: CNNVD-201911-597 // 
            
            
            
            NVD: CVE-2019-14590

REFERENCES
url:https://security.netapp.com/advisory/ntap-20200320-0005/
Trust: 1.7
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2019-14590
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14590
Trust: 0.8
url:https://jvn.jp/vu/jvnvu90354904/
Trust: 0.8
url:https://support.lenovo.com/us/en/product_security/len-28235
Trust: 0.6
sources:
            
            
            VULHUB: VHN-146552 // 
            
            
            
            JVNDB: JVNDB-2019-012133 // 
            
            
            
            CNNVD: CNNVD-201911-597 // 
            
            
            
            NVD: CVE-2019-14590

SOURCES
db:VULHUBid:VHN-146552
db:JVNDBid:JVNDB-2019-012133
db:CNNVDid:CNNVD-201911-597
db:NVDid:CVE-2019-14590

LAST UPDATE DATE
2024-08-14T12:44:50.781000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-146552date:2020-08-24T00:00:00
db:JVNDBid:JVNDB-2019-012133date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-597date:2022-11-14T00:00:00
db:NVDid:CVE-2019-14590date:2022-11-10T03:35:00.323

SOURCES RELEASE DATE
db:VULHUBid:VHN-146552date:2019-11-14T00:00:00
db:JVNDBid:JVNDB-2019-012133date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-597date:2019-11-12T00:00:00
db:NVDid:CVE-2019-14590date:2019-11-14T20:15:11.913