1. Home
  2. CVE Database
  3. CVE-2017-5754
MEDIUM · 5.6

CVE-2017-5754

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel an...

Vulnerability Description

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

CVSS Score

5.6

MEDIUM

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IntelAtom Cc2308
IntelAtom Ee3805
IntelAtom X3c3130
IntelAtom Zz2420
IntelCeleron Jj1750
IntelCeleron Nn2805
IntelCore I3330e
IntelCore I5430m
IntelCore I77y75
IntelCore M5y10
IntelCore M36y30
IntelCore M56y54
IntelCore M76y75
IntelPentium Jj2850
IntelPentium Nn3510
IntelXeone5502
IntelXeon Bronze 3104-
IntelXeon Bronze 3106-
IntelXeon E-1105C-
IntelXeon E31505m_v6

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2017-5754?

CVE-2017-5754 is a vulnerability with a CVSS score of 5.6 (MEDIUM). Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel an...

How severe is CVE-2017-5754?

CVE-2017-5754 has been rated MEDIUM with a CVSS base score of 5.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-5754?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Atom C, Intel Atom E, Intel Atom X3, Intel Atom Z, Intel Celeron J.