CVE-2019-11139

CVSS V2 Low 2.1 CVSS V3 Medium 6

Description

Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.

Overview

CVE ID
CVE-2019-11139

Assigner
secure@intel.com

Vulnerability Status
Analyzed

Published Version
2019-11-14T19:15:13

Last Modified Date
2022-11-11T02:39:07

Weakness Enumerations

CWE	URL
CWE-754	http://cwe.mitre.org/data/definitions/754.html

CPE Configuration (Product)

CPE	Vulnerable	Operator
		AND
cpe:2.3:o:debian:debian_linux:8.0:::::::*	1	OR
cpe:2.3:o:opensuse:leap:15.0:::::::*	1	OR
cpe:2.3:o:opensuse:leap:15.1:::::::*	1	OR
		AND
cpe:2.3:o:intel:xeon_8153_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8153:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8156_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8156:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8158_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8158:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8160_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8160:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8160f_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8160f:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8160m_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8160m:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8160t_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8160t:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8164_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8164:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8168_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8168:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8170_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8170:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8170m_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8170m:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8176_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8176:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8176f_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8176f:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8176m_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8176m:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8180_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8180:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_8180m_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_8180m:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_5115_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_5115:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_5118_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_5118:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_5119t_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_5119t:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_5120_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_5120:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_5120t_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_5120t:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_5122_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_5122:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6126_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6126:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6126f_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6126f:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6126t_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6126t:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6128_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6128:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6130_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6130:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6130f_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6130f:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6130t_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6130t:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6132_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6132:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6134_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6134:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6134m_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6134m:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6136_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6136:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6138_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6138:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6138f_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6138f:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6138t_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6138t:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6140_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6140:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6140m_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6140m:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6142_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6142:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6142f_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6142f:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6144_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6144:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6146_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6146:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6148_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6148:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6148f_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6148f:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6150_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6150:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6152_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6152:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_6154_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_6154:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_4108_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_4108:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_4109t_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_4109t:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_4110_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_4110:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_4112_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_4112:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_4114_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_4114:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_4114t_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_4114t:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_4116_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_4116:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_4116t_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_4116t:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_3104_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_3104:-:::::::*	0	OR
		AND
cpe:2.3:o:intel:xeon_3106_firmware:-:::::::*	1	OR
cpe:2.3:h:intel:xeon_3106:-:::::::*	0	OR

CVSS Version 2

Version
2.0

Vector String
AV:L/AC:L/Au:N/C:N/I:N/A:P

Access Vector
LOCAL

Access Compatibility
LOW

Authentication
NONE

Confidentiality Impact
NONE

Integrity Impact
NONE

Availability Impact
PARTIAL

Base Score
2.1

Severity
LOW

Exploitability Score
3.9

Impact Score
2.9

CVSS Version 3

Version
3.1

Vector String
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Attack Vector
LOCAL

Attack Compatibility
LOW

Privileges Required
HIGH

User Interaction
NONE

Scope
CHANGED

Confidentiality Impact
NONE

Availability Impact
HIGH

Base Score
6

Base Severity
MEDIUM

Exploitability Score
1.5

Impact Score
4

References

Reference URL	Reference Tags
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.html	Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html	Mailing List Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03969en_us	Third Party Advisory
https://support.f5.com/csp/article/K42433061?utm_source=f5support&utm_medium=RSS
https://seclists.org/bugtraq/2019/Dec/28
https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2019-11139
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11139

History

Created	Old Value	New Value	Data Type	Notes
2022-05-10 16:58:59				Added to TrackCVE
2022-12-04 06:21:48	2019-11-14T19:15Z	2019-11-14T19:15:13	CVE Published Date	updated
2022-12-04 06:21:48		2022-11-11T02:39:07	CVE Modified Date	updated
2022-12-04 06:21:48		Analyzed	Vulnerability Status	updated