{"containers": {"cna": {"affected": [{"product": " EPYC\u2122 Processors ", "vendor": "AMD", "versions": [{"status": "affected", "version": "various "}]}], "datePublic": "2022-05-10T00:00:00", "descriptions": [{"lang": "en", "value": "Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA)."}], "problemTypes": [{"descriptions": [{"description": "tbd", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-05-11T16:24:22", "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"}], "source": {"advisory": "AMD-SB-1028", "discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@amd.com", "DATE_PUBLIC": "2022-05-10T20:00:00.000Z", "ID": "CVE-2021-26349", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": " EPYC\u2122 Processors ", "version": {"version_data": [{"version_affected": "=", "version_value": "various "}]}}]}, "vendor_name": "AMD"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA)."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "tbd"}]}]}, "references": {"reference_data": [{"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028", "refsource": "MISC", "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"}]}, "source": {"advisory": "AMD-SB-1028", "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "assignerShortName": "AMD", "cveId": "CVE-2021-26349", "datePublished": "2022-05-10T00:00:00", "dateReserved": "2021-01-29T00:00:00", "dateUpdated": "2022-05-11T16:24:22", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B25C6225-69FF-4772-84F7-F560AAE3617E", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F900BDD-F094-41A6-9A23-31F53DBA95D4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1DB1651-2E51-434E-810F-83428B648E7A", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*", "matchCriteriaId": "2299ED50-B4D2-4BB3-AD87-56D552B84AE1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "717EA494-B9B9-4092-811C-C51C6ECB4322", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D698D3E-BB05-4C65-90F4-8DAE275CD6A4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F117E00-F3D5-4884-8A17-59D23837EC65", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DFCB62-6CDF-4AD2-9265-1887E5780CA5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C499DD69-BE4B-4E43-B19C-C17E79947C51", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*", "matchCriteriaId": "98E1D79D-0CB0-4FD9-8A82-27CDFBFE07B2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA967C73-8108-4F41-BFFD-81946C02EB24", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBF0AFED-588A-4EFB-8C90-9280BC3A6720", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "95329A7D-ED5A-40AE-AF5E-B053236DBF77", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*", "matchCriteriaId": "77A0A47B-74A1-4731-92A8-BC10FFE58ECF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0AD14E00-D597-4099-B4DF-58EE8EEE0B2E", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7543:-:*:*:*:*:*:*:*", "matchCriteriaId": "52544912-FAA3-4025-A5FD-151B21CEC53B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D2F110B6-28BA-4A4C-8CF7-CB5BFD46D74F", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8264DF4-47B4-4716-AE89-44AFA870D385", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1C80207-0203-44EB-B8E4-DBDD53786CEB", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*", "matchCriteriaId": "241E39FF-FE66-444C-A4C2-3D28C45341BE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "84545E6A-E759-479C-93B7-65B172789853", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*", "matchCriteriaId": "02D08121-DC57-47D7-8214-23A209F0AF08", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0F1D942-1D5B-4C27-AE38-DF68F37A08E5", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E2B13CA-72F4-4CF6-9E12-62E6E9056A14", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6C66D2D-BFCB-430C-8A18-FC3C21D2BD40", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7443:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C474537-3006-41BA-8C3D-5C370E3ACECD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D96D652C-BAC8-4975-BA8C-D4C0F707668F", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1766FF1-77A9-4293-B826-F6A8FBD7AFBF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "05E3DEC2-7F6B-4520-8A02-C12948E1C65F", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*", "matchCriteriaId": "678C5F58-8AE9-46FF-8F01-4CF394C87A2C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB8E726E-ABB6-4A99-9834-CF16BA125598", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*", "matchCriteriaId": "71B9C24B-2C10-4826-A91B-E1C60665FBBE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "20F6AA60-E573-4034-BDCF-5C558DFB4BF5", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*", "matchCriteriaId": "9000686A-DC2B-4561-9C32-E90890EB2EBA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "31595722-F102-447D-9BAE-9C36567342DD", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7313:-:*:*:*:*:*:*:*", "matchCriteriaId": "B02B61B7-7DD3-4164-8D32-EB961E981BC9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "35815993-4C33-4039-8CB4-C60A955980AE", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F98FF1A-3A2B-4CED-AEA2-9C4F2AC2D8C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7773x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "954923A7-7AAD-474E-919A-B17F11B01DA0", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:*", "matchCriteriaId": "D02B1C69-BAA4-485B-BE22-46BE321F9E4E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7473x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EEB3E11E-F0DB-4A4E-BEED-7C24EEBF6271", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7473x:-:*:*:*:*:*:*:*", "matchCriteriaId": "D07E922F-C1AB-469C-A1C1-9F9E58332DFC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7573x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "789DECC1-7334-4252-8801-EE1269687F87", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:*", "matchCriteriaId": "237FB33B-BF08-4E3E-8E83-EB0AD2F12A4B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7373x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2786E500-3840-428E-8B2B-A7FBB636F41F", "versionEndExcluding": "milanpi-sp3_1.0.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:*", "matchCriteriaId": "180B3002-B3C5-48B5-8322-5B64B237C5B9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA)."}, {"lang": "es", "value": "Un fallo en la asignaci\u00f3n de un nuevo ID de informe a un hu\u00e9sped importado puede resultar potencialmente en que una VM hu\u00e9sped SEV-SNP sea enga\u00f1ada para confiar en un Agente de Migraci\u00f3n (MA) deshonesto"}], "id": "CVE-2021-26349", "lastModified": "2022-05-20T14:18:45.360", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-05-11T17:15:08.427", "references": [{"source": "psirt@amd.com", "tags": ["Vendor Advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"}], "sourceIdentifier": "psirt@amd.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}