CVE-2018-1944030.01.2019, 15:29ARM Trusted Firmware-A allows information disclosure.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST5.3 MEDIUMNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NmitreCNA------CVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 46%VendorProductVersionarmtrusted_firmware-a𝑥≤ 2.0𝑥= Vulnerable software versionsUbuntu ReleasesUbuntu ProductCodenamearm-trusted-firmwarenobleneededmanticignoredlunarignoredkineticignoredjammyneededimpishignoredhirsuteignoredgroovyignoredfocalneededeoanignoreddiscoignoredcosmicdnebionicdnexenialdnetrustydneKnown Exploits!https://github.com/ARM-software/arm-trusted-firmware/wiki/Trusted-Firmware-A-Security-Advisory-TFV-8https://github.com/ARM-software/arm-trusted-firmware/wiki/Trusted-Firmware-A-Security-Advisory-TFV-8Common Weakness EnumerationCWE-200 - Exposure of Sensitive Information to an Unauthorized ActorThe product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Referenceshttps://github.com/ARM-software/arm-trusted-firmware/pull/1710https://github.com/ARM-software/arm-trusted-firmware/wiki/Trusted-Firmware-A-Security-Advisory-TFV-8https://github.com/ARM-software/arm-trusted-firmware/pull/1710https://github.com/ARM-software/arm-trusted-firmware/wiki/Trusted-Firmware-A-Security-Advisory-TFV-8
