Sign-up

ID

VAR-202311-1185


CVE

CVE-2023-24588


DESCRIPTION

Exposure of sensitive information to an unauthorized actor in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticated user to potentially enable information disclosure via physical access

Trust: 0.99

sources: NVD: CVE-2023-24588 // VULMON: CVE-2023-24588

AFFECTED PRODUCTS

vendor:intelmodel:optane ssd dc p4800xscope:ltversion:e2010650

Trust: 1.0

vendor:intelmodel:optane memory h20 with solid state storagescope:ltversion:u4110553-g004

Trust: 1.0

vendor:intelmodel:optane ssd 900pscope:ltversion:e2010650

Trust: 1.0

vendor:intelmodel:optane ssd dc p4801xscope:ltversion:e2010650

Trust: 1.0

vendor:intelmodel:optane ssd 905pscope:ltversion:e2010650

Trust: 1.0

sources: NVD: CVE-2023-24588

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2023-24588
value: MEDIUM

Trust: 1.0

secure@intel.com: CVE-2023-24588
value: MEDIUM

Trust: 1.0

NVD:
baseSeverity: MEDIUM
baseScore: 4.6
vectorString: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 0.9
impactScore: 3.6
version: 3.1

Trust: 1.0

secure@intel.com:
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 0.7
impactScore: 4.7
version: 3.1

Trust: 1.0

sources: NVD: CVE-2023-24588 // NVD: CVE-2023-24588

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2023-24588

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2023-24588

EXTERNAL IDS
db:NVDid:CVE-2023-24588
Trust: 1.1
db:VULMONid:CVE-2023-24588
Trust: 0.1
sources:
            
            
            VULMON: CVE-2023-24588 // 
            
            
            
            NVD: CVE-2023-24588

REFERENCES
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00758.html
Trust: 1.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2023-24588 // 
            
            
            
            NVD: CVE-2023-24588

SOURCES
db:VULMONid:CVE-2023-24588
db:NVDid:CVE-2023-24588

LAST UPDATE DATE
2023-12-18T12:47:45.048000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2023-24588date:2023-11-14T00:00:00
db:NVDid:CVE-2023-24588date:2023-11-28T17:00:16.913

SOURCES RELEASE DATE
db:VULMONid:CVE-2023-24588date:2023-11-14T00:00:00
db:NVDid:CVE-2023-24588date:2023-11-14T19:15:18.473