CVE-2018-12127
Description
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
Related CPE's
References
CvssV3 impact
BaseSeverity | MEDIUM |
ConfidentialityImpact | HIGH |
AttackComplexity | HIGH |
Scope | CHANGED |
AttackVector | LOCAL |
AvailabilityImpact | NONE |
IntegrityImpact | NONE |
PrivilegesRequired | LOW |
BaseScore | 5.6 |
VectorString | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N |
Version | 3.0 |
UserInteraction | NONE |
CvssV2 impact
Version | 2.0 |
VectorString | AV:L/AC:M/Au:N/C:C/I:N/A:N |
AccessVector | LOCAL |
AccessComplexity | MEDIUM |
Authentication | NONE |
ConfidentialityImpact | COMPLETE |
IntegrityImpact | NONE |
AvailabilityImpact | NONE |
BaseScore | 4.699999809265137 |