CVE-2021-33117

Summary

CVE	CVE-2021-33117
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-05-12 17:15:00 UTC
Updated	2022-10-26 22:48:00 UTC
Description	Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Intel	Bios	All	All	All	All
Hardware	Intel	Xeon Gold 5315y	-	All	All	All
Hardware	Intel	Xeon Gold 5317	-	All	All	All
Hardware	Intel	Xeon Gold 5318h	-	All	All	All
Hardware	Intel	Xeon Gold 5318n	-	All	All	All
Hardware	Intel	Xeon Gold 5318s	-	All	All	All
Hardware	Intel	Xeon Gold 5318y	-	All	All	All
Hardware	Intel	Xeon Gold 5320	-	All	All	All
Hardware	Intel	Xeon Gold 5320h	-	All	All	All
Hardware	Intel	Xeon Gold 5320t	-	All	All	All
Hardware	Intel	Xeon Gold 6312u	-	All	All	All
Hardware	Intel	Xeon Gold 6314u	-	All	All	All
Hardware	Intel	Xeon Gold 6326	-	All	All	All
Hardware	Intel	Xeon Gold 6328h	-	All	All	All
Hardware	Intel	Xeon Gold 6328hl	-	All	All	All
Hardware	Intel	Xeon Gold 6330	-	All	All	All
Hardware	Intel	Xeon Gold 6330h	-	All	All	All
Hardware	Intel	Xeon Gold 6330n	-	All	All	All
Hardware	Intel	Xeon Gold 6334	-	All	All	All
Hardware	Intel	Xeon Gold 6336y	-	All	All	All
Hardware	Intel	Xeon Gold 6338	-	All	All	All
Hardware	Intel	Xeon Gold 6338n	-	All	All	All
Hardware	Intel	Xeon Gold 6338t	-	All	All	All
Hardware	Intel	Xeon Gold 6342	-	All	All	All
Hardware	Intel	Xeon Gold 6346	-	All	All	All
Hardware	Intel	Xeon Gold 6348	-	All	All	All
Hardware	Intel	Xeon Gold 6348h	-	All	All	All
Hardware	Intel	Xeon Gold 6354	-	All	All	All
Hardware	Intel	Xeon Platinum 8351n	-	All	All	All
Hardware	Intel	Xeon Platinum 8352m	-	All	All	All
Hardware	Intel	Xeon Platinum 8352s	-	All	All	All
Hardware	Intel	Xeon Platinum 8352v	-	All	All	All
Hardware	Intel	Xeon Platinum 8352y	-	All	All	All
Hardware	Intel	Xeon Platinum 8353h	-	All	All	All
Hardware	Intel	Xeon Platinum 8354h	-	All	All	All
Hardware	Intel	Xeon Platinum 8356h	-	All	All	All
Hardware	Intel	Xeon Platinum 8358	-	All	All	All
Hardware	Intel	Xeon Platinum 8358p	-	All	All	All
Hardware	Intel	Xeon Platinum 8360h	-	All	All	All
Hardware	Intel	Xeon Platinum 8360hl	-	All	All	All
Hardware	Intel	Xeon Platinum 8360y	-	All	All	All
Hardware	Intel	Xeon Platinum 8362	-	All	All	All
Hardware	Intel	Xeon Platinum 8368	-	All	All	All
Hardware	Intel	Xeon Platinum 8368q	-	All	All	All
Hardware	Intel	Xeon Platinum 8376h	-	All	All	All
Hardware	Intel	Xeon Platinum 8376hl	-	All	All	All
Hardware	Intel	Xeon Platinum 8380	-	All	All	All
Hardware	Intel	Xeon Platinum 8380h	-	All	All	All
Hardware	Intel	Xeon Platinum 8380hl	-	All	All	All
Hardware	Intel	Xeon Silver 4309y	-	All	All	All
Hardware	Intel	Xeon Silver 4310	-	All	All	All
Hardware	Intel	Xeon Silver 4310t	-	All	All	All
Hardware	Intel	Xeon Silver 4314	-	All	All	All
Hardware	Intel	Xeon Silver 4316	-	All	All	All
Operating System	Netapp	Fas/aff Bios	-	All	All	All

References

Reference	Source	Link	Tags
CVE-2021-33117 Intel BIOS Firmware Vulnerability in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com
INTEL-SA-00586	MISC	www.intel.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

180257 Debian Security Update for intel-microcode (CVE-2021-33117)
198836 Ubuntu Security Notification for Intel Microcode Vulnerabilities (USN-5486-1)