CVE-2019-14565

Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
intelCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
VendorProductVersion
intelsoftware_guard_extensions_sdk
2.3.100.49777
intelsoftware_guard_extensions_sdk
2.3.101.50222
intelsoftware_guard_extensions_sdk
2.4.100.51291
intelsoftware_guard_extensions_sdk
2.2.100.45311
intelsoftware_guard_extensions_sdk
2.3.100.46354
intelsoftware_guard_extensions_sdk
2.4.100.48163
intelsoftware_guard_extensions_sdk
2.5.100.49891
intelsoftware_guard_extensions_sdk
2.6.100.51363
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.f5.com/csp/article/K57201259?utm_source=f5support&amp%3Butm_medium=RSS
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00293.html
https://support.f5.com/csp/article/K57201259?utm_source=f5support&amp%3Butm_medium=RSS
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00293.html