Vulnerability Name:

CVE-2019-0126 (CCN-161006)

Assigned:2018-11-13
Published:2019-05-14
Updated:2021-06-21
Summary:Insufficient access control in silicon reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.
CVSS v3 Severity:6.7 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
5.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.2 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H)
6.3 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
5.5 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:N/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2019-0126

Source: BID
Type: UNKNOWN
108485

Source: XF
Type: UNKNOWN
intel-cve20190126-priv-esc(161006)

Source: CONFIRM
Type: UNKNOWN
https://support.f5.com/csp/article/K37428370

Source: CCN
Type: Lenovo Security Advisory: LEN-26294
Intel Firmware Vulnerabilities

Source: CCN
Type: INTEL-SA-00223
2019.1 QSR UEFI Advisory

Source: MISC
Type: Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html

Vulnerable Configuration:Configuration 1:
  • cpe:/o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1649n:-:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1633n:-:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1637:-:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1627:-:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1623n:-:*:*:*:*:*:*:*

    • Configuration 6:
  • cpe:/o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1622:-:*:*:*:*:*:*:*

    • Configuration 7:
  • cpe:/o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1653n:-:*:*:*:*:*:*:*

    • Configuration 8:
  • cpe:/o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1602:-:*:*:*:*:*:*:*

    • Configuration 9:
  • cpe:/o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2141i:-:*:*:*:*:*:*:*

    • Configuration 10:
  • cpe:/o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2177nt:-:*:*:*:*:*:*:*

    • Configuration 11:
  • cpe:/o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2161i:-:*:*:*:*:*:*:*

    • Configuration 12:
  • cpe:/o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2143it:-:*:*:*:*:*:*:*

    • Configuration 13:
  • cpe:/o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2146nt:-:*:*:*:*:*:*:*

    • Configuration 14:
  • cpe:/o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2145nt:-:*:*:*:*:*:*:*

    • Configuration 15:
  • cpe:/o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2123it:-:*:*:*:*:*:*:*

    • Configuration 16:
  • cpe:/o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2173it:-:*:*:*:*:*:*:*

    • Configuration 17:
  • cpe:/o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2191:-:*:*:*:*:*:*:*

    • Configuration 18:
  • cpe:/o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2187nt:-:*:*:*:*:*:*:*

    • Configuration 19:
  • cpe:/o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2142it:-:*:*:*:*:*:*:*

    • Configuration 20:
  • cpe:/o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2163it:-:*:*:*:*:*:*:*

    • Configuration 21:
  • cpe:/o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2183it:-:*:*:*:*:*:*:*

    • Configuration 22:
  • cpe:/o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-2166nt:-:*:*:*:*:*:*:*

    • Configuration 23:
  • cpe:/o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1513n:-:*:*:*:*:*:*:*

    • Configuration 24:
  • cpe:/o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1533n:-:*:*:*:*:*:*:*

    • Configuration 25:
  • cpe:/o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1553n:-:*:*:*:*:*:*:*

    • Configuration 26:
  • cpe:/o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1523n:-:*:*:*:*:*:*:*

    • Configuration 27:
  • cpe:/o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1543n:-:*:*:*:*:*:*:*

    • Configuration 28:
  • cpe:/o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1559:-:*:*:*:*:*:*:*

    • Configuration 29:
  • cpe:/o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1529:-:*:*:*:*:*:*:*

    • Configuration 30:
  • cpe:/o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1539:-:*:*:*:*:*:*:*

    • Configuration 31:
  • cpe:/o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1567:-:*:*:*:*:*:*:*

    • Configuration 32:
  • cpe:/o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1557:-:*:*:*:*:*:*:*

    • Configuration 33:
  • cpe:/o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1577:-:*:*:*:*:*:*:*

    • Configuration 34:
  • cpe:/o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1571:-:*:*:*:*:*:*:*

    • Configuration 35:
  • cpe:/o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1528:-:*:*:*:*:*:*:*

    • Configuration 36:
  • cpe:/o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1541:-:*:*:*:*:*:*:*

    • Configuration 37:
  • cpe:/o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1518:-:*:*:*:*:*:*:*

    • Configuration 38:
  • cpe:/o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1521:-:*:*:*:*:*:*:*

    • Configuration 39:
  • cpe:/o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1531:-:*:*:*:*:*:*:*

    • Configuration 40:
  • cpe:/o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1548:-:*:*:*:*:*:*:*

    • Configuration 41:
  • cpe:/o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1527:-:*:*:*:*:*:*:*

    • Configuration 42:
  • cpe:/o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1537:-:*:*:*:*:*:*:*

    • Configuration 43:
  • cpe:/o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1540:-:*:*:*:*:*:*:*

    • Configuration 44:
  • cpe:/o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_d-1520:-:*:*:*:*:*:*:*

    • Configuration 45:
  • cpe:/o:intel:xeon_platinum_processors_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_platinum_processors:-:*:*:*:*:*:*:*

    • Configuration 46:
  • cpe:/o:intel:xeon_gold_processors_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_gold_processors:-:*:*:*:*:*:*:*

    • Configuration 47:
  • cpe:/o:intel:xeon_silver_processors_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_silver_processors:-:*:*:*:*:*:*:*

    • Configuration 48:
  • cpe:/o:intel:xeon_bronze_processors_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:intel:xeon_bronze_processors:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    intel xeon d-1649n firmware -
    intel xeon d-1649n -
    intel xeon d-1633n firmware -
    intel xeon d-1633n -
    intel xeon d-1637 firmware -
    intel xeon d-1637 -
    intel xeon d-1627 firmware -
    intel xeon d-1627 -
    intel xeon d-1623n firmware -
    intel xeon d-1623n -
    intel xeon d-1622 firmware -
    intel xeon d-1622 -
    intel xeon d-1653n firmware -
    intel xeon d-1653n -
    intel xeon d-1602 firmware -
    intel xeon d-1602 -
    intel xeon d-2141i firmware -
    intel xeon d-2141i -
    intel xeon d-2177nt firmware -
    intel xeon d-2177nt -
    intel xeon d-2161i firmware -
    intel xeon d-2161i -
    intel xeon d-2143it firmware -
    intel xeon d-2143it -
    intel xeon d-2146nt firmware -
    intel xeon d-2146nt -
    intel xeon d-2145nt firmware -
    intel xeon d-2145nt -
    intel xeon d-2123it firmware -
    intel xeon d-2123it -
    intel xeon d-2173it firmware -
    intel xeon d-2173it -
    intel xeon d-2191 firmware -
    intel xeon d-2191 -
    intel xeon d-2187nt firmware -
    intel xeon d-2187nt -
    intel xeon d-2142it firmware -
    intel xeon d-2142it -
    intel xeon d-2163it firmware -
    intel xeon d-2163it -
    intel xeon d-2183it firmware -
    intel xeon d-2183it -
    intel xeon d-2166nt firmware -
    intel xeon d-2166nt -
    intel xeon d-1513n firmware -
    intel xeon d-1513n -
    intel xeon d-1533n firmware -
    intel xeon d-1533n -
    intel xeon d-1553n firmware -
    intel xeon d-1553n -
    intel xeon d-1523n firmware -
    intel xeon d-1523n -
    intel xeon d-1543n firmware -
    intel xeon d-1543n -
    intel xeon d-1559 firmware -
    intel xeon d-1559 -
    intel xeon d-1529 firmware -
    intel xeon d-1529 -
    intel xeon d-1539 firmware -
    intel xeon d-1539 -
    intel xeon d-1567 firmware -
    intel xeon d-1567 -
    intel xeon d-1557 firmware -
    intel xeon d-1557 -
    intel xeon d-1577 firmware -
    intel xeon d-1577 -
    intel xeon d-1571 firmware -
    intel xeon d-1571 -
    intel xeon d-1528 firmware -
    intel xeon d-1528 -
    intel xeon d-1541 firmware -
    intel xeon d-1541 -
    intel xeon d-1518 firmware -
    intel xeon d-1518 -
    intel xeon d-1521 firmware -
    intel xeon d-1521 -
    intel xeon d-1531 firmware -
    intel xeon d-1531 -
    intel xeon d-1548 firmware -
    intel xeon d-1548 -
    intel xeon d-1527 firmware -
    intel xeon d-1527 -
    intel xeon d-1537 firmware -
    intel xeon d-1537 -
    intel xeon d-1540 firmware -
    intel xeon d-1540 -
    intel xeon d-1520 firmware -
    intel xeon d-1520 -
    intel xeon platinum processors firmware -
    intel xeon platinum processors -
    intel xeon gold processors firmware -
    intel xeon gold processors -
    intel xeon silver processors firmware -
    intel xeon silver processors -
    intel xeon bronze processors firmware -
    intel xeon bronze processors -