Description

Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access.

Related CPE's

a

intel

integrated_performance_primitives_cryptography

6

a

intel

sgx_dcap

2

a

intel

sgx_psw

2

a

intel

sgx_sdk

2

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html

PatchVendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html

PatchVendor Advisory

Weaknesses

[email protected]

Primary
CWE-203

CVSS impact metrics

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

4.7 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-06-09T18:15:08.180Z

4 years ago

Last modified

2024-11-21T04:41:40.300Z

1 year ago