CVE-2019-11090

{"id": "CVE-2019-11090", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2019-12-18T22:15:12.237", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", "tags": ["Vendor Advisory"], "source": "secure@intel.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-362"}]}], "descriptions": [{"lang": "en", "value": "Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before versions SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.086.0, SPS_E3_04.08.04.047.0 may allow an unauthenticated user to potentially enable information disclosure via network access."}, {"lang": "es", "value": "Condiciones de sincronizaci\u00f3n criptogr\u00e1fica en el subsistema para Intel\u00ae PTT versiones anteriores a 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 y 14.0.10; Intel\u00ae TXE 3.1.70 y 4.0.20; Intel\u00ae SPS versiones anteriores a SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.086.0, SPS_E3_04.08.04.047.0, puede permitir a un usuario no autenticado habilitar potencialmente una divulgaci\u00f3n de informaci\u00f3n por medio de un acceso de red."}], "lastModified": "2020-01-03T15:59:31.363", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:intel:platform_trust_technology_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D4CEA4B-F303-4C74-9B21-633C23BC788F", "versionEndIncluding": "11.8.70", "versionStartIncluding": "11.0"}, {"criteria": "cpe:2.3:o:intel:platform_trust_technology_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BA65B9B-A05A-46A1-AB54-0C7956FAE3CE", "versionEndExcluding": "11.11.70", "versionStartIncluding": "11.10"}, {"criteria": "cpe:2.3:o:intel:platform_trust_technology_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11B431B3-4508-4DEC-A85E-B236B33AF98A", "versionEndExcluding": "11.22.70", "versionStartIncluding": "11.20"}, {"criteria": "cpe:2.3:o:intel:platform_trust_technology_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43C456C2-693A-4CA2-A991-3FE56D33262C", "versionEndExcluding": "12.0.45", "versionStartIncluding": "12.0"}, {"criteria": "cpe:2.3:o:intel:platform_trust_technology_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45B73401-94D9-4264-A96D-F0AB91F7084A", "versionEndExcluding": "13.0.0", "versionStartIncluding": "13.0"}, {"criteria": "cpe:2.3:o:intel:platform_trust_technology_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9A13E75-2312-403D-A961-0BEE49AF7FFC", "versionEndExcluding": "14.0.10", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90C558D4-B158-4BD3-B215-C28BF647718F"}, {"criteria": "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19E8B458-4B69-40D3-9B92-76E6ECA214DD", "versionEndExcluding": "sps_e3_04.01.04.086.0", "versionStartIncluding": "sps_e3_04.01.00.000.0"}, {"criteria": "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA8854B3-4BBC-4FEB-872B-574972F3D95B", "versionEndExcluding": "sps_e5_04.01.04.305.0", "versionStartIncluding": "sps_e5_04.00.00.000.0"}, {"criteria": "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DFD2B64-3374-4419-B102-42745E051F14", "versionEndExcluding": "sps_soc-a_04.00.04.191.0", "versionStartIncluding": "sps_soc-a_04.00.00.000.0"}, {"criteria": "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8932FAF-2F02-4D8F-B930-86A2F939F0CA", "versionEndExcluding": "sps_soc-x_04.00.04.108.0", "versionStartIncluding": "sps_soc-x_04.00.00.000.0"}, {"criteria": "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD17A8EA-F595-4E4E-B694-FE07544E7945", "versionEndExcluding": "3.1.70", "versionStartIncluding": "3.0"}, {"criteria": "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BCB9B3C-C83A-4563-80F6-3AA50C16A118", "versionEndExcluding": "4.0.20", "versionStartIncluding": "4.0"}], "operator": "OR"}]}], "sourceIdentifier": "secure@intel.com"}