{"api_version":"1","generated_at":"2026-04-23T05:25:02+00:00","cve":"CVE-2021-0009","urls":{"html":"https://cve.report/CVE-2021-0009","api":"https://cve.report/api/cve/CVE-2021-0009.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-0009","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-0009"},"summary":{"title":"CVE-2021-0009","description":"Out-of-bounds read in the firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access.","state":"PUBLIC","assigner":"secure@intel.com","published_at":"2021-08-11 13:15:00","updated_at":"2021-09-14 18:34:00"},"problem_types":["CWE-125"],"metrics":[],"references":[{"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00479.html","name":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00479.html","refsource":"MISC","tags":[],"title":"INTEL-SA-00479","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20210827-0009/","name":"https://security.netapp.com/advisory/ntap-20210827-0009/","refsource":"CONFIRM","tags":[],"title":"Intel SA-00479 Ethernet Controller Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-0009","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-0009","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"9","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"intel","cpe5":"ethernet_controller_e810","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"9","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"intel","cpe5":"ethernet_controller_e810_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-0009","ASSIGNER":"secure@intel.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters","version":{"version_data":[{"version_value":"before version 1.5.3.0"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"denial of service"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00479.html","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00479.html"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20210827-0009/","url":"https://security.netapp.com/advisory/ntap-20210827-0009/"}]},"description":{"description_data":[{"lang":"eng","value":"Out-of-bounds read in the firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access."}]}},"nvd":{"publishedDate":"2021-08-11 13:15:00","lastModifiedDate":"2021-09-14 18:34:00","problem_types":["CWE-125"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:N/A:N","accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":3.3},"severity":"LOW","exploitabilityScore":6.5,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:intel:ethernet_controller_e810_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.5.3.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:intel:ethernet_controller_e810:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"9","Ordinal":"189090","Title":"CVE-2021-0009","CVE":"CVE-2021-0009","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"9","Ordinal":"1","NoteData":"Out-of-bounds read in the firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"9","Ordinal":"2","NoteData":"2021-08-11","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"9","Ordinal":"3","NoteData":"2021-08-27","Type":"Other","Title":"Modified"}]}}}