CVE-2022-33972 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.1 MEDIUM	LOCAL	HIGH	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N
intel	CNA	6.1 MEDIUM	LOCAL	HIGH	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 12%

Vendor	Product	Version
intel	xeon_gold_5315y_firmware	-
intel	xeon_gold_5317_firmware	-
intel	xeon_gold_5318n_firmware	-
intel	xeon_gold_5318s_firmware	-
intel	xeon_gold_5318y_firmware	-
intel	xeon_gold_5320_firmware	-
intel	xeon_gold_5320t_firmware	-
intel	xeon_gold_6312u_firmware	-
intel	xeon_gold_6314u_firmware	-
intel	xeon_gold_6326_firmware	-
intel	xeon_gold_6330_firmware	-
intel	xeon_gold_6330n_firmware	-
intel	xeon_gold_6334_firmware	-
intel	xeon_gold_6336y_firmware	-
intel	xeon_gold_6338_firmware	-
intel	xeon_gold_6338n_firmware	-
intel	xeon_gold_6338t_firmware	-
intel	xeon_gold_6342_firmware	-
intel	xeon_gold_6346_firmware	-
intel	xeon_gold_6348_firmware	-
intel	xeon_gold_6354_firmware	-
intel	xeon_platinum_8351n_firmware	-
intel	xeon_platinum_8352m_firmware	-
intel	xeon_platinum_8352s_firmware	-
intel	xeon_platinum_8352v_firmware	-
intel	xeon_platinum_8352y_firmware	-
intel	xeon_platinum_8358_firmware	-
intel	xeon_platinum_8358p_firmware	-
intel	xeon_platinum_8360y_firmware	-
intel	xeon_platinum_8362_firmware	-
intel	xeon_platinum_8368_firmware	-
intel	xeon_platinum_8368q_firmware	-
intel	xeon_platinum_8380_firmware	-
intel	xeon_silver_4309y_firmware	-
intel	xeon_silver_4310_firmware	-
intel	xeon_silver_4310t_firmware	-
intel	xeon_silver_4314_firmware	-
intel	xeon_silver_4316_firmware	-
intel	xeon_gold_6330h_firmware	-
intel	xeon_platinum_8356h_firmware	-
intel	xeon_platinum_8360h_firmware	-
intel	xeon_platinum_8360hl_firmware	-
intel	xeon_gold_5318h_firmware	-
intel	xeon_gold_5320h_firmware	-
intel	xeon_gold_6328h_firmware	-
intel	xeon_gold_6328hl_firmware	-
intel	xeon_gold_6348h_firmware	-
intel	xeon_platinum_8353h_firmware	-
intel	xeon_platinum_8354h_firmware	-
intel	xeon_platinum_8376h_firmware	-
intel	xeon_platinum_8376hl_firmware	-
intel	xeon_platinum_8380h_firmware	-
intel	xeon_platinum_8380hl_firmware	-

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

intel-microcode

bullseye/non-free	3.20240813.1~deb11u1 fixed
bullseye/non-free (security)	3.20231114.1~deb11u1 fixed
bookworm/non-free-firmware	3.20240813.1~deb12u1 fixed
bookworm/non-free-firmware (security)	3.20231114.1~deb12u1 fixed
sid/non-free-firmware	3.20240910.1 fixed
trixie/non-free-firmware	3.20240910.1 fixed

Ubuntu Releases

Ubuntu Product

Codename

intel-microcode

kinetic	Fixed 3.20230214.0ubuntu0.22.10.1 released
jammy	Fixed 3.20230214.0ubuntu0.22.04.1 released
focal	Fixed 3.20230214.0ubuntu0.20.04.1 released
bionic	Fixed 3.20230214.0ubuntu0.18.04.1 released
xenial	Fixed 3.20230214.0ubuntu0.16.04.1+esm1 released
trusty	ignored

Common Weakness Enumeration

CWE-682 - Incorrect Calculation
The software performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

References

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00730.html

https://security.netapp.com/advisory/ntap-20230302-0012/