CVE-2021-0145 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
intel	CNA	---				---
CVE	ADP	---				---
CISA-ADP	ADP	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 32%

Vendor	Product	Version
netapp	fas\/aff_bios	-
intel	celeron_6305	-
intel	celeron_6305e	-
intel	celeron_6600he	-
intel	core_i3-1000g1	-
intel	core_i3-1000g4	-
intel	core_i3-1005g1	-
intel	core_i3-11100he	-
intel	core_i3-1110g4	-
intel	core_i3-1115g4	-
intel	core_i3-1115g4e	-
intel	core_i3-1115gre	-
intel	core_i3-1120g4	-
intel	core_i3-1125g4	-
intel	core_i5-1030g4	-
intel	core_i5-1030g7	-
intel	core_i5-1035g1	-
intel	core_i5-1035g4	-
intel	core_i5-1035g7	-
intel	core_i5-11260h	-
intel	core_i5-11300h	-
intel	core_i5-1130g7	-
intel	core_i5-11320h	-
intel	core_i5-1135g7	-
intel	core_i5-11400	-
intel	core_i5-11400f	-
intel	core_i5-11400h	-
intel	core_i5-11400t	-
intel	core_i5-1140g7	-
intel	core_i5-1145g7	-
intel	core_i5-1145g7e	-
intel	core_i5-1145gre	-
intel	core_i5-11500	-
intel	core_i5-11500h	-
intel	core_i5-11500t	-
intel	core_i5-1155g7	-
intel	core_i5-11600	-
intel	core_i5-11600k	-
intel	core_i5-11600kf	-
intel	core_i5-11600t	-
intel	core_i7-1060g7	-
intel	core_i7-1065g7	-
intel	core_i7-11370h	-
intel	core_i7-11375h	-
intel	core_i7-11390h	-
intel	core_i7-1160g7	-
intel	core_i7-1165g7	-
intel	core_i7-11700	-
intel	core_i7-11700f	-
intel	core_i7-11700k	-
intel	core_i7-11700kf	-
intel	core_i7-11700t	-
intel	core_i7-11800h	-
intel	core_i7-1180g7	-
intel	core_i7-11850h	-
intel	core_i7-11850he	-
intel	core_i7-1185g7	-
intel	core_i7-1185g7e	-
intel	core_i7-1185gre	-
intel	core_i7-1195g7	-
intel	core_i9-11900	-
intel	core_i9-11900f	-
intel	core_i9-11900h	-
intel	core_i9-11900k	-
intel	core_i9-11900kf	-
intel	core_i9-11900t	-
intel	core_i9-11950h	-
intel	core_i9-11980hk	-
intel	pentium_gold_7505	-
intel	xeon_e-2314	-
intel	xeon_e-2324g	-
intel	xeon_e-2334	-
intel	xeon_e-2336	-
intel	xeon_e-2356g	-
intel	xeon_e-2374g	-
intel	xeon_e-2378	-
intel	xeon_e-2378g	-
intel	xeon_e-2386g	-
intel	xeon_e-2388g	-
intel	xeon_gold_5300	-
intel	xeon_gold_6300	-
intel	xeon_platinum_8321hc	-
intel	xeon_platinum_8351n	-
intel	xeon_platinum_8352m	-
intel	xeon_platinum_8352s	-
intel	xeon_platinum_8352v	-
intel	xeon_platinum_8352y	-
intel	xeon_platinum_8353h	-
intel	xeon_platinum_8354h	-
intel	xeon_platinum_8356h	-
intel	xeon_platinum_8358	-
intel	xeon_platinum_8358p	-
intel	xeon_platinum_8360	-
intel	xeon_platinum_8360h	-
intel	xeon_platinum_8360hl	-
intel	xeon_platinum_8360y	-
intel	xeon_platinum_8362	-
intel	xeon_platinum_8368	-
intel	xeon_platinum_8368q	-
intel	xeon_platinum_8376h	-
intel	xeon_platinum_8376hl	-
intel	xeon_platinum_8380	-
intel	xeon_platinum_8380h	-
intel	xeon_platinum_8380hl	-
intel	xeon_silver_4300	-
intel	xeon_w-11155mle	-
intel	xeon_w-11155mre	-
intel	xeon_w-11555mle	-
intel	xeon_w-11555mre	-
intel	xeon_w-11855m	-
intel	xeon_w-11865mle	-
intel	xeon_w-11865mre	-
intel	xeon_w-11955m	-
intel	xeon_w-1300	-
intel	xeon_w-1350	-
intel	xeon_w-1350p	-
intel	xeon_w-1370	-
intel	xeon_w-1370p	-
intel	xeon_w-1390	-
intel	xeon_w-1390p	-
intel	xeon_w-1390t	-

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

intel-microcode

bullseye/non-free	3.20240813.1~deb11u1 fixed
bullseye/non-free (security)	3.20231114.1~deb11u1 fixed
bookworm/non-free-firmware	3.20240813.1~deb12u1 fixed
bookworm/non-free-firmware (security)	3.20231114.1~deb12u1 fixed
sid/non-free-firmware	3.20240910.1 fixed
trixie/non-free-firmware	3.20240910.1 fixed

Ubuntu Releases

Ubuntu Product

Codename

intel-microcode

kinetic	Fixed 3.20220207.1ubuntu1 released
jammy	Fixed 3.20220510.0ubuntu0.22.04.1 released
impish	Fixed 3.20220510.0ubuntu0.21.10.1 released
focal	Fixed 3.20220510.0ubuntu0.20.04.1 released
bionic	Fixed 3.20220510.0ubuntu0.18.04.1 released
xenial	Fixed 3.20220510.0ubuntu0.16.04.1+esm1 released
trusty	ignored

Common Weakness Enumeration

CWE-665 - Improper Initialization
The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

References

https://security.netapp.com/advisory/ntap-20220210-0009/

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00561.html

https://security.netapp.com/advisory/ntap-20220210-0009/

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00561.html