Sign-up

ID

VAR-202311-1268


CVE

CVE-2023-27306


TITLE

Initialization vulnerabilities in multiple Intel products

Trust: 0.8

sources: JVNDB: JVNDB-2023-018305

DESCRIPTION

Improper Initialization in firmware for some Intel(R) Optane(TM) SSD products may allow an authenticated user to potentially enable denial of service via local access. optane memory h20 with solid state storage firmware, Intel Optane SSD 900P , optane ssd dc p4800x Multiple Intel products, including firmware, have vulnerabilities related to initialization.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2023-27306 // JVNDB: JVNDB-2023-018305 // VULMON: CVE-2023-27306

AFFECTED PRODUCTS

vendor:intelmodel:optane ssd dc p4800xscope:ltversion:e2010650

Trust: 1.0

vendor:intelmodel:optane memory h20 with solid state storagescope:ltversion:u4110553-g004

Trust: 1.0

vendor:intelmodel:optane ssd 900pscope:ltversion:e2010650

Trust: 1.0

vendor:intelmodel:optane ssd dc p4801xscope:ltversion:e2010650

Trust: 1.0

vendor:intelmodel:optane ssd 905pscope:ltversion:e2010650

Trust: 1.0

vendor:インテルmodel:intel optane ssd 905pscope: - version: -

Trust: 0.8

vendor:インテルmodel:intel optane ssd 900pscope: - version: -

Trust: 0.8

vendor:インテルmodel:optane memory h20 with solid state storagescope: - version: -

Trust: 0.8

vendor:インテルmodel:optane ssd dc p4801xscope: - version: -

Trust: 0.8

vendor:インテルmodel:optane ssd dc p4800xscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-018305 // NVD: CVE-2023-27306

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2023-27306
value: MEDIUM

Trust: 1.8

secure@intel.com: CVE-2023-27306
value: MEDIUM

Trust: 1.0

NVD:
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

secure@intel.com:
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.0
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2023-27306
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-018305 // NVD: CVE-2023-27306 // NVD: CVE-2023-27306

PROBLEMTYPE DATA

problemtype:CWE-665

Trust: 1.0

problemtype:Improper initialization (CWE-665) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-018305 // NVD: CVE-2023-27306

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2023-27306

EXTERNAL IDS
db:NVDid:CVE-2023-27306
Trust: 2.7
db:JVNid:JVNVU96399390
Trust: 0.8
db:JVNDBid:JVNDB-2023-018305
Trust: 0.8
db:VULMONid:CVE-2023-27306
Trust: 0.1
sources:
            
            
            VULMON: CVE-2023-27306 // 
            
            
            
            JVNDB: JVNDB-2023-018305 // 
            
            
            
            NVD: CVE-2023-27306

REFERENCES
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00758.html
Trust: 1.9
url:https://jvn.jp/vu/jvnvu96399390/
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2023-27306
Trust: 0.8
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2023-27306 // 
            
            
            
            JVNDB: JVNDB-2023-018305 // 
            
            
            
            NVD: CVE-2023-27306

SOURCES
db:VULMONid:CVE-2023-27306
db:JVNDBid:JVNDB-2023-018305
db:NVDid:CVE-2023-27306

LAST UPDATE DATE
2024-01-18T22:25:38.344000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2023-27306date:2023-11-14T00:00:00
db:JVNDBid:JVNDB-2023-018305date:2024-01-11T02:05:00
db:NVDid:CVE-2023-27306date:2023-11-30T17:12:52.813

SOURCES RELEASE DATE
db:VULMONid:CVE-2023-27306date:2023-11-14T00:00:00
db:JVNDBid:JVNDB-2023-018305date:2024-01-11T00:00:00
db:NVDid:CVE-2023-27306date:2023-11-14T19:15:20.657