CVE-2018-12130

MEDIUM Year: 2018
CVSS v3 Score
5.6
Medium
CVSS v2 Score
4.7
Medium
Weakness Type
CWE-200
View all →

Vulnerability Description

Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

Related Vulnerabilities

CVE-2003-20001

MEDIUM
CVSS:5.6(Medium)

An issue was discovered on Mitel ICP VoIP 3100 devices. When a remote user attempts to log in via TELNET during the login wait time and an external call comes in, the system incorrectly divulges infor...

CWE-2002003

CVE-2017-5754

MEDIUM
CVSS:5.6(Medium)

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel an...

CWE-2002017

CVE-2018-10472

MEDIUM
CVSS:5.6(Medium)

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying...

CWE-2002018

CVE-2018-12126

MEDIUM
CVSS:5.6(Medium)

Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosur...

CWE-2002018

CVE-2018-12127

MEDIUM
CVSS:5.6(Medium)

Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via ...

CWE-2002018

CVE-2018-20941

MEDIUM
CVSS:5.6(Medium)

cPanel before 68.0.27 allows arbitrary file-read operations via restore adminbin (SEC-349).

CWE-2002018