CVE-2018-3693
high-risk
Published 2018-07-10
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
Do I need to act?
~
1.3% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.6/10
Medium
LOCAL
/ HIGH complexity
Affected Products (20)
References (22)
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2384
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2390
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2395
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1946
Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0174
Third Party Advisory
https://cdrdv2.intel.com/v1/dl/getContent/685359
Third Party Advisory
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+Struxur...
Third Party Advisory
https://security.netapp.com/advisory/ntap-20180823-0001/
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2384
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2390
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2395
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1946
Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0174
Third Party Advisory
https://cdrdv2.intel.com/v1/dl/getContent/685359
Third Party Advisory
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+Struxur...
Third Party Advisory
https://security.netapp.com/advisory/ntap-20180823-0001/
and 2 more references
52
/ 100
high-risk
Severity
15/34 · Moderate
Exploitability
4/34 · Minimal
Exposure
33/34 · Critical