CVE-2017-5691

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2017-5691
Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.

9.0 /10

CVSS v3 : CRITICAL

V3 Legend

Vector : AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Exploitability : 2.3 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

9.3 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesb3p03767en_us Third Party Advisory
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&languageid=en-fr Vendor Advisory
https://support.lenovo.com/us/en/product_security/LEN-15184
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:intel:nuc7i3bnk_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i3bnk:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:intel:nuc7i5bnk_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i5bnk:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:intel:nuc7i7bnh_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i7bnh:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:intel:stk2mv64cc_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:stk2mv64cc:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:intel:stk2m3w64cc_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:stk2m3w64cc:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:intel:nuc6i7kyk_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc6i7kyk:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:intel:nuc6i3syk_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc6i3syk:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:intel:nuc6i5syk_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc6i5syk:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:intel:r1304sposhor_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304sposhor:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:intel:r1304sposhorr_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304sposhorr:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:intel:r1208sposhorr_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1208sposhorr:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:intel:lr1304spcfg1r_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:lr1304spcfg1r:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:intel:r1208sposhor_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1208sposhor:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:intel:s1200spsr_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s1200spsr:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:intel:s1200spor_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s1200spor:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:intel:lr1304spcfg1_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:lr1304spcfg1:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:intel:s1200spl_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s1200spl:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:intel:s1200spo_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s1200spo:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:intel:s1200sps_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s1200sps:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:intel:r1304sposhbn_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304sposhbn:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:intel:s1200splr_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s1200splr:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:intel:r1304sposhbnr_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304sposhbnr:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2017-07-26 15:29

Updated : 2024-02-04 19:29

NVD link : CVE-2017-5691

Mitre link : CVE-2017-5691

CVE.ORG link : CVE-2017-5691

JSON object : View

Products Affected

intel

  • nuc7i3bnk
  • lr1304spcfg1
  • s1200spo
  • s1200spl_bios
  • stk2m3w64cc_bios
  • lr1304spcfg1r
  • s1200splr_bios
  • r1304sposhbnr
  • r1304sposhorr
  • s1200sps_bios
  • nuc6i7kyk
  • s1200spl
  • s1200spsr
  • r1304sposhbn_bios
  • nuc7i5bnk_bios
  • r1304sposhor
  • r1208sposhor
  • nuc7i7bnh
  • s1200splr
  • s1200spsr_bios
  • r1208sposhor_bios
  • nuc6i3syk
  • nuc7i3bnk_bios
  • nuc6i5syk_bios
  • stk2mv64cc
  • stk2mv64cc_bios
  • s1200spo_bios
  • r1208sposhorr_bios
  • lr1304spcfg1_bios
  • nuc7i7bnh_bios
  • nuc6i3syk_bios
  • nuc6i5syk
  • nuc7i5bnk
  • lr1304spcfg1r_bios
  • r1208sposhorr
  • s1200spor_bios
  • s1200spor
  • r1304sposhbnr_bios
  • stk2m3w64cc
  • s1200sps
  • nuc6i7kyk_bios
  • r1304sposhbn
  • r1304sposhor_bios
  • r1304sposhorr_bios
CWE
NVD-CWE-noinfo