Improper Access Control in Intel Ethernet Network Controller E810
CVE-2021-0198

4.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Ethernet Network Controller E810
Vendor: CVE Published:; 17 November 2021

Summary

The vulnerability involves improper access control within the firmware of the Intel Ethernet Network Controller E810 prior to version 1.5.5.6. This security flaw may permit a privileged user to trigger a denial of service condition through local access, potentially disrupting network operations and affecting system availability.

Affected Version(s)

Intel(R) Ethernet Network Controller E810 before version 1.5.5.6

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20211210-0004/

x_refsource_CONFIRM

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 17, 2021
Vulnerability Reserved
Oct 22, 2020