Improper Access Control in 3rd Generation Intel Xeon Scalable Processors
CVE-2023-23908

6MEDIUM

Key Information:

Vendor: Intel
Status: 3rd Generation Intel(r) Xeon(r) Scalable Processors
Vendor: CVE Published:; 11 August 2023

What is CVE-2023-23908?

An improper access control vulnerability exists in certain 3rd Generation Intel Xeon Scalable processors. This flaw could potentially be exploited by a privileged user, allowing them to disclose sensitive information through local access methods. It is crucial for users of affected systems to review their access permissions and system configurations to mitigate this risk.

Affected Version(s)

3rd Generation Intel(R) Xeon(R) Scalable processors See references

References

http://www.intel.com/content/www/us/en/security-center/ad...

https://www.debian.org/security/2023/dsa-5474

https://lists.fedoraproject.org/archives/list/package-ann...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 11, 2023
Vulnerability Reserved
Jan 27, 2023