Sign-up

ID

VAR-202205-0918


CVE

CVE-2021-33069


TITLE

Improper resource shutdown and release vulnerability in multiple Intel products

Trust: 0.8

sources: JVNDB: JVNDB-2021-019589

DESCRIPTION

Improper resource shutdown or release in firmware for some Intel(R) SSD, Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC may allow a privileged user to potentially enable denial of service via local access

Trust: 1.71

sources: NVD: CVE-2021-33069 // JVNDB: JVNDB-2021-019589 // VULMON: CVE-2021-33069

AFFECTED PRODUCTS

vendor:intelmodel:optane ssd 905pscope:ltversion:fw600

Trust: 1.0

vendor:intelmodel:optane ssd dc p4800xscope:ltversion:e2010600

Trust: 1.0

vendor:intelmodel:optane ssd 900pscope:ltversion:fw600

Trust: 1.0

vendor:intelmodel:optane ssd dc p4801xscope:ltversion:e2010600

Trust: 1.0

vendor:intelmodel:optane ssd p5800xscope:ltversion:l0310200

Trust: 1.0

vendor:intelmodel:optane memory h20 with solid state storagescope:ltversion:pgf028k

Trust: 1.0

vendor:intelmodel:optane memory h10 with solid state storagescope:ltversion:tgf061k

Trust: 1.0

vendor:インテルmodel:optane ssd dc p4801xscope: - version: -

Trust: 0.8

vendor:インテルmodel:optane ssd dc p4800xscope: - version: -

Trust: 0.8

vendor:インテルmodel:optane memory h20 with solid state storagescope: - version: -

Trust: 0.8

vendor:インテルmodel:intel optane ssd 900pscope: - version: -

Trust: 0.8

vendor:インテルmodel:optane ssd p5800xscope: - version: -

Trust: 0.8

vendor:インテルmodel:intel optane ssd 905pscope: - version: -

Trust: 0.8

vendor:インテルmodel:optane memory h10 with solid state storagescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-019589 // NVD: CVE-2021-33069

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2021-33069
value: MEDIUM

Trust: 1.8

CNNVD: CNNVD-202205-3147
value: MEDIUM

Trust: 0.6

VULMON: CVE-2021-33069
value: MEDIUM

Trust: 0.1

NVD: CVE-2021-33069
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.9

NVD: CVE-2021-33069
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2021-33069
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2021-33069 // JVNDB: JVNDB-2021-019589 // CNNVD: CNNVD-202205-3147 // NVD: CVE-2021-33069

PROBLEMTYPE DATA

problemtype:CWE-404

Trust: 1.0

problemtype:Improper shutdown and release of resources (CWE-404) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-019589 // NVD: CVE-2021-33069

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202205-3147

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202205-3147

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2021-33069

PATCH
title:Multiple Intel Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=193565
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202205-3147

EXTERNAL IDS
db:NVDid:CVE-2021-33069
Trust: 3.3
db:JVNid:JVNVU93344744
Trust: 0.8
db:JVNDBid:JVNDB-2021-019589
Trust: 0.8
db:CNNVDid:CNNVD-202205-3147
Trust: 0.6
db:VULMONid:CVE-2021-33069
Trust: 0.1
sources:
            
            
            VULMON: CVE-2021-33069 // 
            
            
            
            JVNDB: JVNDB-2021-019589 // 
            
            
            
            CNNVD: CNNVD-202205-3147 // 
            
            
            
            NVD: CVE-2021-33069

REFERENCES
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html
Trust: 2.5
url:https://www.solidigm.com/content/dam/solidigm/en/site/support/support-community/cve-(security)/documents/public-security-advisory.pdf
Trust: 1.0
url:https://jvn.jp/vu/jvnvu93344744/
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2021-33069
Trust: 0.8
url:https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/solidigm%20sa-000563%20rev1.1.pdf
Trust: 0.6
url:https://cxsecurity.com/cveshow/cve-2021-33069/
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/404.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2021-33069 // 
            
            
            
            JVNDB: JVNDB-2021-019589 // 
            
            
            
            CNNVD: CNNVD-202205-3147 // 
            
            
            
            NVD: CVE-2021-33069

SOURCES
db:VULMONid:CVE-2021-33069
db:JVNDBid:JVNDB-2021-019589
db:CNNVDid:CNNVD-202205-3147
db:NVDid:CVE-2021-33069

LAST UPDATE DATE
2023-12-13T21:25:37.619000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2021-33069date:2022-05-19T00:00:00
db:JVNDBid:JVNDB-2021-019589date:2023-08-04T08:30:00
db:CNNVDid:CNNVD-202205-3147date:2022-09-21T00:00:00
db:NVDid:CVE-2021-33069date:2023-12-12T14:15:00

SOURCES RELEASE DATE
db:VULMONid:CVE-2021-33069date:2022-05-12T00:00:00
db:JVNDBid:JVNDB-2021-019589date:2023-08-04T00:00:00
db:CNNVDid:CNNVD-202205-3147date:2022-05-12T00:00:00
db:NVDid:CVE-2021-33069date:2022-05-12T17:15:00