Details of VAR-202208-0868

ID

VAR-202208-0868

CVE

CVE-2021-33126

TITLE

Vulnerabilities in multiple Intel products

Trust: 0.8

sources: JVNDB: JVNDB-2021-020208

DESCRIPTION

Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access. ethernet controller xxv710 firmware, ethernet controller xl710 firmware, ethernet controller v710 Multiple Intel products such as firmware have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-33126 // JVNDB: JVNDB-2021-020208 // VULMON: CVE-2021-33126

AFFECTED PRODUCTS

vendor:	intel	model:	ethernet network adapter x722da4g1p5	scope:	lt	version:	1.5.5	Trust: 1.0
vendor:	intel	model:	ethernet network adapter x722da4fh	scope:	lt	version:	1.5.5	Trust: 1.0
vendor:	intel	model:	ethernet controller x710	scope:	lt	version:	8.5	Trust: 1.0
vendor:	intel	model:	ethernet controller xxv710	scope:	lt	version:	8.5	Trust: 1.0
vendor:	intel	model:	ethernet network adapter x722da2	scope:	lt	version:	1.5.5	Trust: 1.0
vendor:	intel	model:	ethernet controller xl710	scope:	lt	version:	8.5	Trust: 1.0
vendor:	intel	model:	ethernet controller v710	scope:	lt	version:	8.5	Trust: 1.0
vendor:	インテル	model:	ethernet network adapter x722da4g1p5	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	ethernet controller x710	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	ethernet controller xl710	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	ethernet network adapter x722da2	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	ethernet controller xxv710	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	ethernet network adapter x722da4fh	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	ethernet controller v710	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-020208 // NVD: CVE-2021-33126

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-33126
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-33126
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202208-2666
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2021-33126
baseSeverity:	MEDIUM
baseScore:	4.4
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2021-33126
baseSeverity:	MEDIUM
baseScore:	4.4
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2021-020208 // CNNVD: CNNVD-202208-2666 // NVD: CVE-2021-33126

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-020208 // NVD: CVE-2021-33126

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-2666

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-2666

PATCH

title:

Intel Ethernet Controllers Security vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204872

Trust: 0.6

sources: CNNVD: CNNVD-202208-2666

EXTERNAL IDS

db:	NVD	id:	CVE-2021-33126	Trust: 3.3
db:	JVN	id:	JVNVU99494206	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-020208	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.3948	Trust: 0.6
db:	CNNVD	id:	CNNVD-202208-2666	Trust: 0.6
db:	VULMON	id:	CVE-2021-33126	Trust: 0.1

sources: VULMON: CVE-2021-33126 // JVNDB: JVNDB-2021-020208 // CNNVD: CNNVD-202208-2666 // NVD: CVE-2021-33126

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html	Trust: 2.5
url:	https://jvn.jp/vu/jvnvu99494206/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33126	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2021-33126/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3948	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2021-33126 // JVNDB: JVNDB-2021-020208 // CNNVD: CNNVD-202208-2666 // NVD: CVE-2021-33126

SOURCES

db:	VULMON	id:	CVE-2021-33126
db:	JVNDB	id:	JVNDB-2021-020208
db:	CNNVD	id:	CNNVD-202208-2666
db:	NVD	id:	CVE-2021-33126

LAST UPDATE DATE

2024-08-14T12:39:55.011000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2021-33126	date:	2022-08-19T00:00:00
db:	JVNDB	id:	JVNDB-2021-020208	date:	2023-09-27T08:48:00
db:	CNNVD	id:	CNNVD-202208-2666	date:	2022-08-29T00:00:00
db:	NVD	id:	CVE-2021-33126	date:	2022-08-26T17:23:11.183

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2021-33126	date:	2022-08-18T00:00:00
db:	JVNDB	id:	JVNDB-2021-020208	date:	2023-09-27T00:00:00
db:	CNNVD	id:	CNNVD-202208-2666	date:	2022-08-10T00:00:00
db:	NVD	id:	CVE-2021-33126	date:	2022-08-18T20:15:09.500