cvelist/2018/3xxx/CVE-2018-3615.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "secure@intel.com",
      "DATE_PUBLIC" : "2018-08-14T00:00:00",
      "ID" : "CVE-2018-3615",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "Multiple",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "Multiple"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Intel Corporation"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "Information Disclosure"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
            "refsource" : "MLIST",
            "url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
         },
         {
            "name" : "https://foreshadowattack.eu/",
            "refsource" : "MISC",
            "url" : "https://foreshadowattack.eu/"
         },
         {
            "name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html",
            "refsource" : "CONFIRM",
            "url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
         },
         {
            "name" : "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault",
            "refsource" : "CONFIRM",
            "url" : "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
         },
         {
            "name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us",
            "refsource" : "CONFIRM",
            "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us"
         },
         {
            "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en",
            "refsource" : "CONFIRM",
            "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
         },
         {
            "name" : "http://support.lenovo.com/us/en/solutions/LEN-24163",
            "refsource" : "CONFIRM",
            "url" : "http://support.lenovo.com/us/en/solutions/LEN-24163"
         },
         {
            "name" : "https://security.netapp.com/advisory/ntap-20180815-0001/",
            "refsource" : "CONFIRM",
            "url" : "https://security.netapp.com/advisory/ntap-20180815-0001/"
         },
         {
            "name" : "https://www.synology.com/support/security/Synology_SA_18_45",
            "refsource" : "CONFIRM",
            "url" : "https://www.synology.com/support/security/Synology_SA_18_45"
         },
         {
            "name" : "https://support.f5.com/csp/article/K35558453",
            "refsource" : "CONFIRM",
            "url" : "https://support.f5.com/csp/article/K35558453"
         },
         {
            "name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008",
            "refsource" : "CONFIRM",
            "url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
         },
         {
            "name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf",
            "refsource" : "CONFIRM",
            "url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
         },
         {
            "name" : "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
            "refsource" : "CISCO",
            "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
         },
         {
            "name" : "VU#982149",
            "refsource" : "CERT-VN",
            "url" : "https://www.kb.cert.org/vuls/id/982149"
         },
         {
            "name" : "105080",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/105080"
         },
         {
            "name" : "1041451",
            "refsource" : "SECTRACK",
            "url" : "http://www.securitytracker.com/id/1041451"
         }
      ]
   }
}
- Synchronized data. 2017-12-28 12:04:07 -05:00			`{`
			`"CVE_data_meta" : {`
- Added submission from Intel for INTEL-SA-00161 from 2018-08-14. 2018-08-14 14:38:15 -04:00			`"ASSIGNER" : "secure@intel.com",`
			`"DATE_PUBLIC" : "2018-08-14T00:00:00",`
- Synchronized data. 2017-12-28 12:04:07 -05:00			`"ID" : "CVE-2018-3615",`
- Added submission from Intel for INTEL-SA-00161 from 2018-08-14. 2018-08-14 14:38:15 -04:00			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "Multiple",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "Multiple"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "Intel Corporation"`
			`}`
			`]`
			`}`
- Synchronized data. 2017-12-28 12:04:07 -05:00			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
- Added submission from Intel for INTEL-SA-00161 from 2018-08-14. 2018-08-14 14:38:15 -04:00			`"value" : "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Information Disclosure"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
- Synchronized data. 2018-09-17 06:04:53 -04:00			`{`
			`"name" : "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",`
			`"refsource" : "MLIST",`
			`"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"`
			`},`
- Synchronized data. 2018-08-15 09:03:00 -04:00			`{`
			`"name" : "https://foreshadowattack.eu/",`
			`"refsource" : "MISC",`
			`"url" : "https://foreshadowattack.eu/"`
			`},`
- Added submission from Intel for INTEL-SA-00161 from 2018-08-14. 2018-08-14 14:38:15 -04:00			`{`
- Synchronized data. 2018-08-14 15:05:03 -04:00			`"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html",`
			`"refsource" : "CONFIRM",`
- Added submission from Intel for INTEL-SA-00161 from 2018-08-14. 2018-08-14 14:38:15 -04:00			`"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"`
- Synchronized data. 2018-08-15 06:05:55 -04:00			`},`
- Synchronized data. 2018-08-15 09:03:00 -04:00			`{`
			`"name" : "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"`
			`},`
- Synchronized data. 2018-08-15 06:05:55 -04:00			`{`
			`"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us"`
			`},`
- Synchronized data. 2018-08-15 09:03:00 -04:00			`{`
- Synchronized data. 2018-08-16 10:03:05 -04:00			`"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en",`
- Synchronized data. 2018-08-15 09:03:00 -04:00			`"refsource" : "CONFIRM",`
- Synchronized data. 2018-08-16 10:03:05 -04:00			`"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"`
- Synchronized data. 2018-08-15 09:03:00 -04:00			`},`
			`{`
			`"name" : "http://support.lenovo.com/us/en/solutions/LEN-24163",`
			`"refsource" : "CONFIRM",`
			`"url" : "http://support.lenovo.com/us/en/solutions/LEN-24163"`
			`},`
- Synchronized data. 2018-08-16 06:04:48 -04:00			`{`
			`"name" : "https://security.netapp.com/advisory/ntap-20180815-0001/",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://security.netapp.com/advisory/ntap-20180815-0001/"`
			`},`
			`{`
			`"name" : "https://www.synology.com/support/security/Synology_SA_18_45",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://www.synology.com/support/security/Synology_SA_18_45"`
			`},`
- Synchronized data. 2018-08-16 10:03:05 -04:00			`{`
			`"name" : "https://support.f5.com/csp/article/K35558453",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://support.f5.com/csp/article/K35558453"`
			`},`
			`{`
			`"name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"`
			`},`
- Synchronized data. 2018-10-10 06:06:50 -04:00			`{`
			`"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"`
			`},`
- Synchronized data. 2018-08-15 09:03:00 -04:00			`{`
			`"name" : "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",`
			`"refsource" : "CISCO",`
			`"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"`
			`},`
- Synchronized data. 2018-08-16 16:03:52 -04:00			`{`
			`"name" : "VU#982149",`
			`"refsource" : "CERT-VN",`
			`"url" : "https://www.kb.cert.org/vuls/id/982149"`
			`},`
- Synchronized data. 2018-08-15 06:05:55 -04:00			`{`
			`"name" : "105080",`
			`"refsource" : "BID",`
			`"url" : "http://www.securityfocus.com/bid/105080"`
			`},`
			`{`
			`"name" : "1041451",`
			`"refsource" : "SECTRACK",`
			`"url" : "http://www.securitytracker.com/id/1041451"`
- Synchronized data. 2017-12-28 12:04:07 -05:00			`}`
			`]`
			`}`
			`}`