{"containers": {"cna": {"affected": [{"product": "Intel(R) Ethernet Controllers 800 series Linux drivers", "vendor": "n/a", "versions": [{"status": "affected", "version": "before version 1.4.11"}]}], "descriptions": [{"lang": "en", "value": "Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure via local access."}], "problemTypes": [{"descriptions": [{"description": "information disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-08-27T06:06:41", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00515.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210827-0008/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0003", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Intel(R) Ethernet Controllers 800 series Linux drivers", "version": {"version_data": [{"version_value": "before version 1.4.11"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure via local access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "information disclosure"}]}]}, "references": {"reference_data": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00515.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00515.html"}, {"name": "https://security.netapp.com/advisory/ntap-20210827-0008/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210827-0008/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:01.978Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00515.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20210827-0008/"}]}]}, "cveMetadata": {"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0003", "datePublished": "2021-08-11T12:48:20", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.978Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:ethernet_controller_e810_firmware:*:*:*:*:*:linux:*:*", "matchCriteriaId": "D19880AD-FB75-4267-A3AC-B54D31740524", "versionEndExcluding": "1.4.11", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:ethernet_controller_e810:-:*:*:*:*:*:*:*", "matchCriteriaId": "FAAF14CD-89F6-49F3-8E74-3EE0535D8513", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure via local access."}, {"lang": "es", "value": "Una comprobaci\u00f3n de condiciones inapropiadas en algunos controladores Intel(R) Ethernet de la serie 800 para Linux versiones anteriores a 1.4.11, puede permitir a un usuario autenticado habilitar potencialmente una divulgaci\u00f3n de informaci\u00f3n por medio del acceso local"}], "id": "CVE-2021-0003", "lastModified": "2024-11-21T05:41:40.527", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-08-11T13:15:15.563", "references": [{"source": "secure@intel.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210827-0008/"}, {"source": "secure@intel.com", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00515.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210827-0008/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00515.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers", "id": "1995242", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995242"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-200", "details": ["Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure via local access.", "A flaw was found in the Linux kernel. This flaw allows a local, authenticated user to enable information disclosure due to an improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers. The highest threat from this vulnerability is to confidentiality."], "name": "CVE-2021-0003", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "impact": "low", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "impact": "low", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "impact": "low", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "impact": "low", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "impact": "low", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2021-08-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-0003\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-0003\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00515.html"], "threat_severity": "Moderate"}