Sign-up

ID

VAR-202111-1128


CVE

CVE-2021-0186


TITLE

Intel(R) SGX SDK  Application validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-015266

DESCRIPTION

Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access. Intel(R) SGX SDK The application contains an input validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Intel SGX SDK is a software development kit based on SGX (Intel Software Security Extensions) technology developed by Intel Corporation. Intel has a security vulnerability, which stems from the lack of effective permissions and access control measures in network systems or products

Trust: 1.8

sources: NVD: CVE-2021-0186 // JVNDB: JVNDB-2021-015266 // VULHUB: VHN-371755 // VULMON: CVE-2021-0186

AFFECTED PRODUCTS

vendor:intelmodel:pentium silver n5030scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10100scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10310uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10310yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10700fscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 5317scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3050scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 5318sscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6330nscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-1060g7scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2930scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10500scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10400scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-1030g4scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8352mscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 5315yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium silver n5000scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 5318yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2810scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n6211scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8358scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10900scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-1000g4scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3160scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3350escope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2806scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10510yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10400fscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10400hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6312uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n4020scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10100escope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10700scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2807scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2910scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6342scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10300tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6338tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 5320tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10900tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium silver n6000scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-1068ng7scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10105fscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10305scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10700kfscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n4000scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10105scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2808scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3000scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6348hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10850hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10305tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10105tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10600kfscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-1035g4scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium silver n6005scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j3455scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10900fscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8376hlscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8368scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n5105scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j1850scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j4025scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10700kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6338scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8360hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6326scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10600scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10980hkscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10600kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2820scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10810uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8358pscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8352yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8360yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon silver 4316scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6354scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8362scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10300hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 5318nscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10850kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2920scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3350scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3450scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon silver 4309yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10505scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10325scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8376hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2940scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6330scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6334scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j1800scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-1005g1scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j3355escope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10510uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j3455escope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3150scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-1000g1scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10610uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n4120scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10500hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j3060scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10700tescope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2815scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8356hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n6210scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10900kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium silver j5005scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10700tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n5100scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium silver j5040scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n4505scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3010scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j1900scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8360hlscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10100yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j4005scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10885hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-1065g7scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10500escope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10210uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-1030g7scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2830scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6328hlscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3060scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6314uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8352vscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10870hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10100tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10900tescope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10300scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n4500scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10100fscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2840scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2805scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j3160scope:eqversion: -

Trust: 1.0

vendor:intelmodel:sgx sdkscope:lteversion:2.12

Trust: 1.0

vendor:intelmodel:xeon gold 6348scope:eqversion: -

Trust: 1.0

vendor:intelmodel:sgx sdkscope:lteversion:2.13

Trust: 1.0

vendor:intelmodel:core i7-10700escope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8368qscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-1038ng7scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10500tescope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8380hlscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 5320hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 5320scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6346scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j1750scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10900escope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10320scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j6413scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8352sscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n4100scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon silver 4310scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon silver 4314scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j4125scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10110yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8353hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-1035g7scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8380scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6336yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10875hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10110uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8351nscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 5318hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8354hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon silver 4310tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10200hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10210yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon platinum 8380hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10600tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10500tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10750hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j4105scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10710uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10400tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10100tescope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6328hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10900kfscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6330hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j3355scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j6412scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-1035g1scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon gold 6338nscope:eqversion: -

Trust: 1.0

vendor:インテルmodel:intel xeon gold 6346scope: - version: -

Trust: 0.8

vendor:インテルmodel:intel xeon gold 6354scope: - version: -

Trust: 0.8

vendor:インテルmodel:intel xeon gold 6314uscope: - version: -

Trust: 0.8

vendor:インテルmodel:intel xeon platinum 8360yscope: - version: -

Trust: 0.8

vendor:インテルmodel:intel xeon gold 6330scope: - version: -

Trust: 0.8

vendor:インテルmodel:intel xeon gold 6342scope: - version: -

Trust: 0.8

vendor:インテルmodel:intel xeon gold 6338nscope: - version: -

Trust: 0.8

vendor:インテルmodel:intel sgx sdkscope: - version: -

Trust: 0.8

vendor:インテルmodel:intel xeon silver 4316scope: - version: -

Trust: 0.8

vendor:インテルmodel:intel xeon silver 4314scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-015266 // NVD: CVE-2021-0186

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-0186
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-0186
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202110-936
value: MEDIUM

Trust: 0.6

VULHUB: VHN-371755
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-0186
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-371755
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-0186
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-0186
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-371755 // JVNDB: JVNDB-2021-015266 // CNNVD: CNNVD-202110-936 // NVD: CVE-2021-0186

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.1

problemtype:Inappropriate input confirmation (CWE-20) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-371755 // JVNDB: JVNDB-2021-015266 // NVD: CVE-2021-0186

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202110-936

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202110-936

PATCH

title:INTEL-SA-00548url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00548.html

Trust: 0.8

title:Intel SGX SDK Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=171075

Trust: 0.6

sources: JVNDB: JVNDB-2021-015266 // CNNVD: CNNVD-202110-936

EXTERNAL IDS

db:NVDid:CVE-2021-0186

Trust: 3.4

db:JVNid:JVNVU92532697

Trust: 0.8

db:JVNDBid:JVNDB-2021-015266

Trust: 0.8

db:CNNVDid:CNNVD-202110-936

Trust: 0.7

db:AUSCERTid:ESB-2021.3371

Trust: 0.6

db:LENOVOid:LEN-66616

Trust: 0.6

db:CNVDid:CNVD-2022-13184

Trust: 0.1

db:VULHUBid:VHN-371755

Trust: 0.1

db:VULMONid:CVE-2021-0186

Trust: 0.1

sources: VULHUB: VHN-371755 // VULMON: CVE-2021-0186 // JVNDB: JVNDB-2021-015266 // CNNVD: CNNVD-202110-936 // NVD: CVE-2021-0186

REFERENCES

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00548.html

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-0186

Trust: 1.4

url:https://jvn.jp/vu/jvnvu92532697/

Trust: 0.8

url:https://support.lenovo.com/us/en/product_security/len-66616

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3371

Trust: 0.6

sources: VULHUB: VHN-371755 // VULMON: CVE-2021-0186 // JVNDB: JVNDB-2021-015266 // CNNVD: CNNVD-202110-936 // NVD: CVE-2021-0186

SOURCES

db:VULHUBid:VHN-371755
db:VULMONid:CVE-2021-0186
db:JVNDBid:JVNDB-2021-015266
db:CNNVDid:CNNVD-202110-936
db:NVDid:CVE-2021-0186

LAST UPDATE DATE

2024-08-14T14:31:30.903000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-371755date:2021-11-23T00:00:00
db:JVNDBid:JVNDB-2021-015266date:2022-11-15T01:55:00
db:CNNVDid:CNNVD-202110-936date:2021-12-06T00:00:00
db:NVDid:CVE-2021-0186date:2021-11-23T15:27:28.973

SOURCES RELEASE DATE

db:VULHUBid:VHN-371755date:2021-11-17T00:00:00
db:JVNDBid:JVNDB-2021-015266date:2022-11-15T00:00:00
db:CNNVDid:CNNVD-202110-936date:2021-10-13T00:00:00
db:NVDid:CVE-2021-0186date:2021-11-17T20:15:09.553