Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2018-3615

UNKNOWN
Published 2018-08-14T19:00:00Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2018-3615. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Intel Corporation

Multiple

Affected Versions:

Multiple

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-9w6j-7396-jgw4

Advisory Details

Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2018-3615
WEB https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
WEB https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
WEB https://foreshadowattack.eu
WEB https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
WEB https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008
WEB https://security.netapp.com/advisory/ntap-20180815-0001
WEB https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
WEB https://support.f5.com/csp/article/K35558453
WEB https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
WEB https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
WEB https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
WEB https://www.kb.cert.org/vuls/id/982149
WEB https://www.synology.com/support/security/Synology_SA_18_45
WEB http://support.lenovo.com/us/en/solutions/LEN-24163
WEB http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
WEB http://www.securityfocus.com/bid/105080
WEB http://www.securitytracker.com/id/1041451

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: May 13, 2022

References

https://www.kb.cert.org/vuls/id/982149
http://www.securitytracker.com/id/1041451
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008
http://www.securityfocus.com/bid/105080
https://foreshadowattack.eu/
https://security.netapp.com/advisory/ntap-20180815-0001/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
https://support.f5.com/csp/article/K35558453
http://support.lenovo.com/us/en/solutions/LEN-24163
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
https://www.synology.com/support/security/Synology_SA_18_45
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
Published: 2018-08-14T19:00:00Z
Last Modified: 2024-09-16T19:40:45.253Z
Copied to clipboard!