Details of VAR-202202-0051

ID

VAR-202202-0051

CVE

CVE-2021-33068

TITLE

Intel(R) AMT In NULL Pointer dereference vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2022-005268

DESCRIPTION

Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may allow an authenticated user to potentially enable denial of service via network access. Intel(R) AMT for, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-33068 // JVNDB: JVNDB-2022-005268 // VULHUB: VHN-393082

AFFECTED PRODUCTS

vendor:	netapp	model:	cloud backup	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	active management technology	scope:	lt	version:	15.0.35	Trust: 1.0
vendor:	インテル	model:	intel active management technology	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	cloud backup	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-005268 // NVD: CVE-2021-33068

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-33068
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-33068
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202202-660
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-393082
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-33068
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-393082
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-33068
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2021-33068
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-393082 // JVNDB: JVNDB-2022-005268 // CNNVD: CNNVD-202202-660 // NVD: CVE-2021-33068

PROBLEMTYPE DATA

problemtype:	CWE-476	Trust: 1.1
problemtype:	NULL Pointer dereference (CWE-476) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-393082 // JVNDB: JVNDB-2022-005268 // NVD: CVE-2021-33068

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202202-660

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202202-660

PATCH

title:	NTAP-20220210-0006 Intel Intel Product Security Center	url:	https://security.netapp.com/advisory/ntap-20220210-0006/	Trust: 0.8
title:	Intel Repair measures for code problems and vulnerabilities of multiple products	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=181135	Trust: 0.6

sources: JVNDB: JVNDB-2022-005268 // CNNVD: CNNVD-202202-660

EXTERNAL IDS

db:	NVD	id:	CVE-2021-33068	Trust: 3.3
db:	JVN	id:	JVNVU99045838	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-005268	Trust: 0.8
db:	LENOVO	id:	LEN-68030	Trust: 0.6
db:	CS-HELP	id:	SB2022020901	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.0534	Trust: 0.6
db:	CNNVD	id:	CNNVD-202202-660	Trust: 0.6
db:	VULHUB	id:	VHN-393082	Trust: 0.1

sources: VULHUB: VHN-393082 // JVNDB: JVNDB-2022-005268 // CNNVD: CNNVD-202202-660 // NVD: CVE-2021-33068

REFERENCES

url:	https://security.netapp.com/advisory/ntap-20220210-0006/	Trust: 1.7
url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00470.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33068	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu99045838/	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2022020901	Trust: 0.6
url:	https://support.lenovo.com/us/en/product_security/len-68030	Trust: 0.6
url:	https://vigilance.fr/vulnerability/intel-chipset-firmware-three-vulnerabilities-37496	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0534	Trust: 0.6

sources: VULHUB: VHN-393082 // JVNDB: JVNDB-2022-005268 // CNNVD: CNNVD-202202-660 // NVD: CVE-2021-33068

SOURCES

db:	VULHUB	id:	VHN-393082
db:	JVNDB	id:	JVNDB-2022-005268
db:	CNNVD	id:	CNNVD-202202-660
db:	NVD	id:	CVE-2021-33068

LAST UPDATE DATE

2024-08-14T12:16:56.557000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-393082	date:	2022-02-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-005268	date:	2023-05-26T01:40:00
db:	CNNVD	id:	CNNVD-202202-660	date:	2022-03-10T00:00:00
db:	NVD	id:	CVE-2021-33068	date:	2022-02-15T17:51:55.863

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-393082	date:	2022-02-09T00:00:00
db:	JVNDB	id:	JVNDB-2022-005268	date:	2023-05-26T00:00:00
db:	CNNVD	id:	CNNVD-202202-660	date:	2022-02-08T00:00:00
db:	NVD	id:	CVE-2021-33068	date:	2022-02-09T23:15:15.230