Rule Category

OS-OTHER -- Snort has detected traffic targeting vulnerabilities in a non-standard operating system (not Windows, Linux, Solaris, or mobile). This does not include browser traffic or other software on the OS, but attacks against the OS itself.

Alert Message

OS-OTHER Intel x86 side-channel analysis information leak attempt

Rule Explanation

This event is generated when an x86 side-channel analysis information leak is detected. Impact: Attempted Information Leak Details: Ease of Attack:

What To Look For

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

MITRE ATT&CK Framework

Tactic:

Technique:

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

CVE

Rule Vulnerability

CVE Additional Information

CVE-2017-5715
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Details
Severity Base Score5.6
Impact Score4.0 Exploit Score1.1
Confidentiality ImpactHIGH Integrity ImpactNONE
Availability ImpactNONE Access Vector
Authentication Ease of Access
CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Details
Severity Base Score5.6
Impact Score4.0 Exploit Score1.1
Confidentiality ImpactHIGH Integrity ImpactNONE
Availability ImpactNONE Access Vector
Authentication Ease of Access
CVE-2017-5754
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
Details
Severity Base Score5.6
Impact Score4.0 Exploit Score1.1
Confidentiality ImpactHIGH Integrity ImpactNONE
Availability ImpactNONE Access Vector
Authentication Ease of Access