CVE-2018-3652

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2018-3652
Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.

7.6 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 6.0

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://security.netapp.com/advisory/ntap-20180802-0001/ Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00127.html Mitigation Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:5115:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:5118:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:5119t:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:5120:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:5120t:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:5122:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6126:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6126f:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6126t:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6128:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6130:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6130f:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6130t:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6132:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6134:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6134m:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6136:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6138:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6138f:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6138p:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6138t:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6140:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6140m:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6142:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6142f:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6142m:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6144:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6146:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6148:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6148f:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6150:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6152:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_gold:6154:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8153:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8156:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8158:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8160:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8160f:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8160m:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8160t:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8164:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8168:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8170:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8170m:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8176:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8176f:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8176m:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8180:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_platinum:8180m:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_silver:4108:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_silver:4109t:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_silver:4110:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_silver:4112:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_silver:4114:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_silver:4114t:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_silver:4116:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_silver:4116t:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:h:intel:xeon:d-1513n:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1518:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1520:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1521:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1523n:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1527:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1528:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1529:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1531:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1533n:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1537:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1539:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1540:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1541:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1543n:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1548:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1553n:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1557:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1559:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1567:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1571:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-1577:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2123it:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2141i:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2142it:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2143it:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2145nt:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2146nt:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2161i:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2163it:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2166nt:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2173it:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2177nt:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2183it:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon:d-2187nt:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:h:intel:atom_c:c2308:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2316:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2338:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2350:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2358:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2508:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2516:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2518:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2530:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2538:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2550:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2558:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2718:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2730:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2738:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2750:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c2758:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3308:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3336:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3338:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3508:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3538:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3558:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3708:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3750:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3758:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3808:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3830:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3850:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3858:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3950:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3955:*:*:*:*:*:*:*
cpe:2.3:h:intel:atom_c:c3958:*:*:*:*:*:*:*
History

No history.

Information

Published : 2018-07-10 21:29

Updated : 2024-02-04 19:46

NVD link : CVE-2018-3652

Mitre link : CVE-2018-3652

CVE.ORG link : CVE-2018-3652

JSON object : View

Products Affected

intel

  • xeon_e3_1225_v6
  • xeon_e3_1240_v6
  • xeon_e3_1501l_v6
  • xeon_e3_1280_v5
  • xeon_gold
  • atom_c
  • xeon_bronze_3106
  • xeon_e3_1220_v5
  • xeon_e3_1285_v6
  • xeon_e3_1260l_v5
  • xeon_e3_1220_v6
  • xeon_e3_1270_v6
  • xeon_e3_1275_v6
  • xeon_platinum
  • xeon_e3_1240l_v5
  • xeon_e3_1240_v5
  • xeon_bronze_3104
  • xeon
  • xeon_e3_1275_v5
  • xeon_e3_1270_v5
  • xeon_e3_1245_v6
  • xeon_e3_1268l_v5
  • xeon_silver
  • xeon_e3_1230_v6
  • xeon_e3_1505l_v5
  • xeon_e3
  • xeon_e3_1230_v5
  • xeon_e3_1245_v5
  • xeon_e3_1501m_v6
  • xeon_e3_1505l_v6
  • xeon_e3_1505m_v5
  • xeon_e3_1280_v6
  • xeon_e3_1235l_v5
  • xeon_e3_1225_v5
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor