CVE-2021-0148 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.4 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 17%

Affected Products (NVD)

Vendor	Product	Version
intel	ssd_d7-p5608_firmware	𝑥 < 2cv1r106
intel	ssd_d7-p5500_firmware	𝑥 < 1.2.0
intel	ssd_d7-p5600_firmware	𝑥 < 1.2.0
intel	ssd_d5-p4320_firmware	*
intel	ssd_d5-p4420_firmware	*
intel	ssd_d5-p4326_firmware	*
intel	ssd_dc_p4500_firmware	*
intel	ssd_dc_p4501_firmware	*
intel	ssd_dc_p4600_firmware	*
intel	ssd_dc_p4608_firmware	*
intel	ssd_d7-p5500_firmware	𝑥 < 2cv1c030
intel	ssd_d7-p5500_firmware	𝑥 < 2cv1r106
intel	ssd_d7-p5500_firmware	𝑥 < 2cv1l029
intel	ssd_d7-p5600_firmware	𝑥 < 2cv1l029
intel	ssd_d7-p5600_firmware	𝑥 < 2cv1c030

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-532 - Insertion of Sensitive Information into Log File
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00535.html

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00535.html