CVE-2020-12309

MEDIUM

Intel Ssd Pro 6000p Firmware - Insufficiently Protected Credentials

Title source: rule

Description

Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.

References (1)

[Vendor Advisory] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362

Scores

CVSS v3 4.6

EPSS 0.0008

EPSS Percentile 23.1%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-522

Status published

Affected Products (15)

intel/ssd_pro_6000p_firmware < psf131p

intel/ssd_pro_5450s_firmware < lhf005p

intel/ssd_e_5100s_firmware < lhf004e

intel/ssd_pro_5400s_firmware < lbf017p

intel/ssd_pro_7600p_firmware < 005p

intel/ssd_760p_firmware < 005c

intel/ssd_e_6100p_firmware < 005e

intel/ssd_660p_firmware < 004c

intel/optane_ssd_905p_firmware < e2010480

intel/optane_ssd_900p_firmware < e2010480

intel/ssd_dc_p4510_firmware < vdv10170

intel/ssd_dc_p4610_firmware < vdv10170

intel/ssd_dc_p4800x_firmware < e2010485

intel/ssd_dc_p4801x_firmware < e2010485

intel/ssd_dc_p4101_firmware < 008d

Timeline

Published Nov 12, 2020

Tracked Since Feb 18, 2026