{"id": "CVE-2021-46766", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@amd.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 2.5, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 0.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2023-11-14T19:15:10.360", "references": [{"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", "tags": ["Vendor Advisory"], "source": "psirt@amd.com"}, {"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", "tags": ["Vendor Advisory"], "source": "psirt@amd.com"}, {"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", "source": "psirt@amd.com"}, {"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-459"}]}], "descriptions": [{"lang": "en", "value": "Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality."}, {"lang": "es", "value": "La limpieza inadecuada de datos confidenciales en el ASP Bootloader puede exponer claves secretas a un atacante privilegiado que acceda a ASP SRAM, lo que podr\u00eda provocar una p\u00e9rdida de confidencialidad."}], "lastModified": "2024-11-21T06:34:40.617", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9654p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "108F1054-C8C4-4540-9B8F-7510A8C00DE3", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9654p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C150CC54-2F64-48E7-B996-F06247114BC4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9654_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AFDDF77-6A68-41A9-855A-D3B436450D93", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9654:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "84209250-5078-4E8E-8532-98F652C12D79"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9634_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC0BDD69-8BC1-46D7-9655-CF913F0DA6F9", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9634:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4C6C0B65-0C8C-4BCE-9B40-39B2EB5E5EA5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9554p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A36DB7E2-8A18-4320-8E1B-77CD4D115608", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9554p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2BD9C75-AA02-47C1-94C7-BA5187B8CDF0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9554_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "473699C8-A35C-4F67-85A5-AB70C3C3995D", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9554:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A95FCDE4-82EF-4C54-A85D-960B36A46DD0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9534_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA2FB4A9-C883-4341-880F-EDE30F5275B3", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9534:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8FC239C-6B12-4F7C-A725-9D66AD39F7F6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9474f_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E5D8A84-122E-4A10-9FC3-F208B19BF5F8", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9474f:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A1520823-129F-4F48-932B-1CA77D3446CC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9454p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "537004D8-84C7-4369-A26B-D3DB83B30F5E", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9454p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "932E47BF-3831-4D72-9F26-89CA591692B8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9454_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27CFA9DB-772C-4375-9F7A-4B77E89325A6", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9454:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7FDDC36-A96D-419F-A4B5-8AEF9D5FEBE5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9374f_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "111CF9AA-F533-48CB-9A8B-36B54A31338F", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9374f:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "14BA8C50-B57A-4F6D-860B-790BD39249B0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9354p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D89ED2E-81EE-4B7A-B669-24A3C558C8F0", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9354p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EF0F7101-1B8B-454B-879F-8635CB16D5C7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9354_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C68FBBCF-0B6C-4BE3-A558-0A0CD8CA5816", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9354:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7A152B84-4935-4517-BD9D-37471C281BDA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9334_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7219B700-3CA5-4A01-994A-D398E45761C8", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9334:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B1047C6-4627-4520-AFF7-5A0A623336F9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9274f_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D27B7AE-9F65-435A-8ADA-EFDE74AB1C32", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9274f:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "54EE0A4A-AA13-49CE-8825-407AD6B16B13"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9254_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22F6220C-EEFD-4A88-95DC-86652BF4E868", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9254:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AFDF951D-9B67-49CE-AD4A-B1052A484E65"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9224_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73C1A76F-0CF7-4F75-8142-13CB61AEDC91", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9224:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B085546F-4791-4096-A019-738A37353165"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9174f_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05E04E6A-AB17-4EA8-A6DB-D99E31A0E478", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9174f:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D7811418-4B63-4CCA-B81F-379FF0277673"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9124_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9F21CD9-AD47-4158-B06A-7BF5BEFBEE7D", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9124:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2761489D-AABE-4ADD-AE5B-B26C4424F18A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9684x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26E15633-2713-425B-B56B-0E7F406C9291", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9684x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "71A34603-6EB8-4D75-9391-8ADC35EA5EFE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9384x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28F264D8-503B-45EA-B302-72B60946FAF8", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9384x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6DC6F07-2E27-48C3-BD60-81496C2D3C62"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9184x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB7B338B-9718-4773-A9CD-B325E157D3C2", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9184x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4C3085B2-AFDA-4C34-A2B6-40D599F7E907"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9754_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17C71132-E668-4D85-806C-FC7D230E9AA7", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9754:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4EF0ED85-2FCF-4DCB-9C7F-0B5EC5EC574C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9754s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D0CCB18-115B-497D-8788-8DDDD2ADEF40", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9754s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E74F229A-FDBD-4C3D-BE0B-9193E6E560ED"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_9734_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E97DA39-D9D9-42E7-9533-4411BF9CBA5F", "versionEndExcluding": "genoapi_1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_9734:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DE0954B5-9B6E-4C0E-905B-1E4B3FD50B04"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5535C20-7053-4830-A0F2-6B8179A3FE2C", "versionEndExcluding": "chagallwspi-swrx8_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3995wx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "015BEF9F-7CFC-4A99-B9B4-FB58B3F35E31"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCDA0456-EB37-4F13-82C8-4531BD4375B2", "versionEndExcluding": "chagallwspi-swrx8_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3975wx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3D16B66-A4EC-422D-856A-A862ECE13FBE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1F318AA-C432-4328-A433-F7A293C31435", "versionEndExcluding": "chagallwspi-swrx8_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3955wx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0EDF7650-0A7D-48FF-AD78-2D2DBF3CD646"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55FF86B7-DE2B-4509-9C2F-A18806CDA346", "versionEndExcluding": "chagallwspi-swrx8_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3945wx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "85D99997-1389-493E-BDEA-9904A46E48EE"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@amd.com"}
