CVE-2020-4788

5.1MEDIUM

Key Information:

Vendor: IBM
Status: ViOS; Aix
Vendor: CVE Published:; 20 November 2020

Summary

IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.

Affected Version(s)

AIX 7.1

AIX 7.2

VIOS 3.1

References

https://www.ibm.com/support/pages/node/6370729

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/189296

vdb-entryx_refsource_XF

http://www.openwall.com/lists/oss-security/2020/11/20/3

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 20, 2020
Vulnerability Reserved
Dec 30, 2019