Vulnerability in Intel Nma1xxd128gpsu4
CVE-2023-22311
Improper access control in some Intel(R) Optane(TM) PMem 100 Series Management Software before version 01.00.00.3547 may allow an authenticated user to potentially enable escalation of privilege via local access.
EPSS: 0.002 (6.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Intel Nma1xxd128gpsu4
- Intel Nma1xxd128gpsuf
- Intel Nma1xxd256gpsu4
- Intel Nma1xxd256gpsuf
- Intel Nma1xxd512gpsu4
- Intel Nma1xxd512gpsuf
- Intel Optane_persistent_memory_firmware
- N/a Intel(r) Optane(tm) Pmem 100 Series Management Software — versions before version 01.00.00.3547
Weakness classification (CWE)
References
- secure@intel.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2023-22311?
- CVE-2023-22311 is a medium-severity vulnerability in Intel Nma1xxd128gpsu4, classified under Improper Access Control. CVSS score: 6.7/10. Published 2024-02-14.
- How severe is CVE-2023-22311?
- Medium severity. CVSS v3 base score is 6.7 out of 10.