Attacker Value
Moderate
(1 user assessed)
Exploitability
Very Low
(1 user assessed)
User Interaction
None
Privileges Required
Low
Attack Vector
Local
2

CVE-2017-5715

Disclosure Date: January 04, 2018
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Collection
Techniques
Validation
Validated
Credential Access
Techniques
Validation
Validated

Description

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Add Assessment

CVSS V3 Severity and Metrics
Base Score:
5.6 Medium
Impact Score:
4
Exploitability Score:
1.1
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Attack Vector (AV):
Local
Attack Complexity (AC):
High
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Changed
Confidentiality (C):
High
Integrity (I):
None
Availability (A):
None

General Information

Vendors

  • Intel Corporation

Products

  • Microprocessors with Speculative Execution

References

Advisory

Additional Info

Technical Analysis