Search for vulnerabilities
Vulnerability details: VCID-fpan-752d-aaas
Vulnerability ID VCID-fpan-752d-aaas
Aliases CVE-2018-3693
Summary Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
System Score Found at
generic_textual High http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-3693.html
generic_textual High https://01.org/security/advisories/intel-oss-10002
rhas Important https://access.redhat.com/errata/RHSA-2019:1946
cvssv3 5.9 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3693.json
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00803 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.00934 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01025 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01045 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01148 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01192 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01192 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01192 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01192 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01192 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01192 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.01192 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
epss 0.12919 https://api.first.org/data/v1/epss?cve=CVE-2018-3693
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1581650
generic_textual High https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3693
cvssv3 7.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
generic_textual High https://people.csail.mit.edu/vlk/spectre11.pdf
generic_textual High https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BCBS
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-3693.html
https://01.org/security/advisories/intel-oss-10002
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3693.json
https://api.first.org/data/v1/epss?cve=CVE-2018-3693
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3693
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://people.csail.mit.edu/vlk/spectre11.pdf
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BCBS
1581650 https://bugzilla.redhat.com/show_bug.cgi?id=1581650
RHSA-2019:1946 https://access.redhat.com/errata/RHSA-2019:1946
No exploits are available.
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3693.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.38972
EPSS Score 0.00089
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.