ID

VAR-201911-0921


CVE

CVE-2019-14590


TITLE

Intel(R) Graphics Driver Vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2019-012133

DESCRIPTION

Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. Intel(R) Graphics Driver Contains an information disclosure vulnerability.Information may be obtained. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A local attacker could exploit this vulnerability to obtain sensitive information

Trust: 1.71

sources: NVD: CVE-2019-14590 // JVNDB: JVNDB-2019-012133 // VULHUB: VHN-146552

AFFECTED PRODUCTS

vendor:intelmodel:graphics driverscope:ltversion:26.20.100.7209

Trust: 1.8

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:netappmodel:solidfire baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:netappmodel:data availability servicesscope:eqversion: -

Trust: 1.0

sources: JVNDB: JVNDB-2019-012133 // NVD: CVE-2019-14590

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-14590
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-14590
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201911-597
value: MEDIUM

Trust: 0.6

VULHUB: VHN-146552
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-14590
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-146552
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-14590
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-14590
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-146552 // JVNDB: JVNDB-2019-012133 // CNNVD: CNNVD-201911-597 // NVD: CVE-2019-14590

PROBLEMTYPE DATA

problemtype:CWE-269

Trust: 1.0

problemtype:CWE-200

Trust: 0.8

sources: JVNDB: JVNDB-2019-012133 // NVD: CVE-2019-14590

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201911-597

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201911-597

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-012133

PATCH

title:INTEL-SA-00242url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 0.8

title:Intel Graphics Driver Repair measures for information disclosure vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=103264

Trust: 0.6

sources: JVNDB: JVNDB-2019-012133 // CNNVD: CNNVD-201911-597

EXTERNAL IDS

db:NVDid:CVE-2019-14590

Trust: 2.5

db:JVNid:JVNVU90354904

Trust: 0.8

db:JVNDBid:JVNDB-2019-012133

Trust: 0.8

db:CNNVDid:CNNVD-201911-597

Trust: 0.7

db:LENOVOid:LEN-28235

Trust: 0.6

db:VULHUBid:VHN-146552

Trust: 0.1

sources: VULHUB: VHN-146552 // JVNDB: JVNDB-2019-012133 // CNNVD: CNNVD-201911-597 // NVD: CVE-2019-14590

REFERENCES

url:https://security.netapp.com/advisory/ntap-20200320-0005/

Trust: 1.7

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-14590

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14590

Trust: 0.8

url:https://jvn.jp/vu/jvnvu90354904/

Trust: 0.8

url:https://support.lenovo.com/us/en/product_security/len-28235

Trust: 0.6

sources: VULHUB: VHN-146552 // JVNDB: JVNDB-2019-012133 // CNNVD: CNNVD-201911-597 // NVD: CVE-2019-14590

SOURCES

db:VULHUBid:VHN-146552
db:JVNDBid:JVNDB-2019-012133
db:CNNVDid:CNNVD-201911-597
db:NVDid:CVE-2019-14590

LAST UPDATE DATE

2024-11-23T20:19:21.246000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-146552date:2020-08-24T00:00:00
db:JVNDBid:JVNDB-2019-012133date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-597date:2022-11-14T00:00:00
db:NVDid:CVE-2019-14590date:2024-11-21T04:26:59.703

SOURCES RELEASE DATE

db:VULHUBid:VHN-146552date:2019-11-14T00:00:00
db:JVNDBid:JVNDB-2019-012133date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-597date:2019-11-12T00:00:00
db:NVDid:CVE-2019-14590date:2019-11-14T20:15:11.913