vulnerability
Cisco XE: CVE-2018-3646: CPU Side-Channel Information Disclosure Vulnerabilities: August 2018
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:M/Au:N/C:C/I:N/A:N) | Aug 14, 2018 | Jul 30, 2019 | Nov 13, 2023 |
Severity
5
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published
Aug 14, 2018
Added
Jul 30, 2019
Modified
Nov 13, 2023
Description
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.
Solution
cisco-xe-upgrade-latest
References
- BID-105080
- CERT-VN-982149
- CVE-2018-3646
- https://attackerkb.com/topics/CVE-2018-3646
- DEBIAN-DSA-4274
- DEBIAN-DSA-4279
- REDHAT-RHSA-2018:2384
- REDHAT-RHSA-2018:2387
- REDHAT-RHSA-2018:2388
- REDHAT-RHSA-2018:2389
- REDHAT-RHSA-2018:2390
- REDHAT-RHSA-2018:2391
- REDHAT-RHSA-2018:2392
- REDHAT-RHSA-2018:2393
- REDHAT-RHSA-2018:2394
- REDHAT-RHSA-2018:2395
- REDHAT-RHSA-2018:2396
- REDHAT-RHSA-2018:2402
- REDHAT-RHSA-2018:2403
- REDHAT-RHSA-2018:2404
- REDHAT-RHSA-2018:2602
- REDHAT-RHSA-2018:2603
- URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.