1. Home
  2. CVE Database
  3. CVE-2021-33117
MEDIUM · 5.5

CVE-2021-33117

Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.

Vulnerability Description

Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IntelBios< mr7
IntelXeon Gold 5315Y-
IntelXeon Gold 5317-
IntelXeon Gold 5318H-
IntelXeon Gold 5318N-
IntelXeon Gold 5318S-
IntelXeon Gold 5318Y-
IntelXeon Gold 5320-
IntelXeon Gold 5320H-
IntelXeon Gold 5320T-
IntelXeon Gold 6312U-
IntelXeon Gold 6314U-
IntelXeon Gold 6326-
IntelXeon Gold 6328H-
IntelXeon Gold 6328Hl-
IntelXeon Gold 6330-
IntelXeon Gold 6330H-
IntelXeon Gold 6330N-
IntelXeon Gold 6334-
IntelXeon Gold 6336Y-

References

FAQ

What is CVE-2021-33117?

CVE-2021-33117 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.

How severe is CVE-2021-33117?

CVE-2021-33117 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-33117?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Bios, Intel Xeon Gold 5315Y, Intel Xeon Gold 5317, Intel Xeon Gold 5318H, Intel Xeon Gold 5318N.