Description

Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access.

Related CPE's

a

intel

integrated_performance_primitives_cryptography

6

a

intel

sgx_dcap

2

a

intel

sgx_psw

2

a

intel

sgx_sdk

2

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html

PatchVendor Advisory

Weaknesses

[email protected]

Primary
CWE-203

CVSS impact metrics

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

4.7 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-06-09T20:15:08.180

4 years ago

Last modified

2021-06-28T18:03:10.733

4 years ago