CVE-2018-18095

Summary

CVE	CVE-2018-18095
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2019-07-11 21:15:00 UTC
Updated	2023-11-07 02:54:00 UTC
Description	Improper authentication in firmware for Intel(R) SSD DC S4500 Series and Intel(R) SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access.

Risk And Classification

Problem Types: CWE-287

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Intel	Ssd Dc S4500	-	All	All	All
Hardware	Intel	Ssd Dc S4500	-	All	All	All
Operating System	Intel	Ssd Dc S4500 Firmware	All	All	All	All
Operating System	Intel	Ssd Dc S4500 Firmware	All	All	All	All
Hardware	Intel	Ssd Dc S4600	-	All	All	All
Hardware	Intel	Ssd Dc S4600	-	All	All	All
Operating System	Intel	Ssd Dc S4600 Firmware	All	All	All	All
Operating System	Intel	Ssd Dc S4600 Firmware	All	All	All	All

References

Reference	Source	Link	Tags
support.f5.com/csp/article/K62655863	CONFIRM	support.f5.com
INTEL-SA-00267	CONFIRM	www.intel.com	Patch, Vendor Advisory
myF5		support.f5.com
support.f5.com/csp/article/K62655863	CONFIRM	support.f5.com
Intel SSD Data Center Tool CVE-2018-18095 Software Local Privilege Escalation Vulnerability	BID	www.securityfocus.com	Third Party Advisory, VDB Entry
Intel SSD DC S4500/S4600 Series Vulnerability - Lenovo Support US	CONFIRM	support.lenovo.com	Third Party Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.