Executive Summary

Informations
NameCVE-2018-5407First vendor Publication2018-11-15
VendorCveLast vendor Modification2019-05-10

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score1.9Attack RangeLocal
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score3.4AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407

CWE : Common Weakness Enumeration

%idName
100 %CWE-200Information Exposure

CPE : Common Platform Enumeration

TypeDescriptionCount
Application517
Application283
Application1
Application3
Application3
Application1
Application1
Application3
Application6
Application1
Application2
Application78
Os4
Os2
Os1
Os2
Os1
Os1
Os1
Os1

Nessus® Vulnerability Scanner

DateDescription
2019-01-02Name : Tenable Nessus running on the remote host is affected by multiple vulnerabili...
File : nessus_tns_2018_16.nasl - Type : ACT_GATHER_INFO
2019-01-02Name : Tenable Nessus running on the remote host is affected by multiple vulnerabili...
File : nessus_tns_2018_17.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1434.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : Node.js - JavaScript run-time environment is affected by multiple vulnerabili...
File : nodejs_2018_nov.nasl - Type : ACT_GATHER_INFO
2018-12-20Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4355.nasl - Type : ACT_GATHER_INFO
2018-12-10Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type : ACT_GATHER_INFO
2018-12-01Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4348.nasl - Type : ACT_GATHER_INFO
2018-11-23Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2018-325-01.nasl - Type : ACT_GATHER_INFO
2018-11-23Name : The remote Debian host is missing a security update.
File : debian_DLA-1586.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_6f170cf2e6b711e8a9a8b499baebfeaf.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/105897
CONFIRM https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
https://security.netapp.com/advisory/ntap-20181126-0001/
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.tenable.com/security/tns-2018-16
https://www.tenable.com/security/tns-2018-17
DEBIAN https://www.debian.org/security/2018/dsa-4348
https://www.debian.org/security/2018/dsa-4355
EXPLOIT-DB https://www.exploit-db.com/exploits/45785/
GENTOO https://security.gentoo.org/glsa/201903-10
MISC https://eprint.iacr.org/2018/1060.pdf
https://github.com/bbbrumley/portsmash
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
MLIST https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html
REDHAT https://access.redhat.com/errata/RHSA-2019:0483
https://access.redhat.com/errata/RHSA-2019:0651
https://access.redhat.com/errata/RHSA-2019:0652
UBUNTU https://usn.ubuntu.com/3840-1/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
DateInformations
2019-05-11 05:18:41
  • Multiple Updates
2019-04-24 21:19:43
  • Multiple Updates
2019-04-24 05:18:59
  • Multiple Updates
2019-04-24 00:18:56
  • Multiple Updates
2019-03-27 21:19:36
  • Multiple Updates
2019-03-27 00:19:09
  • Multiple Updates
2019-03-14 13:19:44
  • Multiple Updates
2019-03-05 21:19:22
  • Multiple Updates
2019-01-30 12:10:10
  • Multiple Updates
2019-01-17 21:19:21
  • Multiple Updates
2019-01-17 00:19:24
  • Multiple Updates
2018-12-21 17:19:15
  • Multiple Updates
2018-12-20 17:18:54
  • Multiple Updates
2018-12-19 21:19:42
  • Multiple Updates
2018-12-07 17:19:15
  • Multiple Updates
2018-12-01 17:19:01
  • Multiple Updates
2018-11-29 21:19:34
  • Multiple Updates
2018-11-27 17:20:19
  • Multiple Updates
2018-11-22 17:20:11
  • Multiple Updates
2018-11-16 17:19:09
  • Multiple Updates
2018-11-16 00:20:52
  • First insertion