How severe is CVE-2019-11091?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.6 out of 10.

What type of vulnerability is CVE-2019-11091?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2019-11091 - MEDIUM Severity | CVSS 5.6

Vulnerability Description

Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

Related Vulnerabilities

CVE-2005-0109

MEDIUM

CVSS:5.6(Medium)

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, m...

NVD-CWE-Other2005

CVE-2006-0755

MEDIUM

CVSS:5.6(Medium)

Multiple PHP remote file include vulnerabilities in dotProject 2.0.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary commands via the baseDir parameter in (1...

NVD-CWE-Other2006

CVE-2016-5242

MEDIUM

CVSS:5.6(Medium)

The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS c...

NVD-CWE-Other2016

CVE-2017-1002102

MEDIUM

CVSS:5.6(Medium)

In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI volume can trigger deletion of arbitrary ...

NVD-CWE-Other2017

CVE-2017-12547

MEDIUM

CVSS:5.6(Medium)

A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

NVD-CWE-Other2017

CVE-2017-12548

MEDIUM

CVSS:5.6(Medium)

A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

NVD-CWE-Other2017