MEDIUM✓ PATCH🇬🇧 English

CVE-2022-37409

CVSS 4.7v3.1pub. 2023-05-10upd. 2024-11-21

Insufficient control flow management for the Intel(R) IPP Cryptography software before version 2021.6 may allow an authenticated user to potentially enable information disclosure via local access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Intel Integrated Performance Primitives Cryptography

    APP
    Intel
    < 2021.6
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2022-26083HIGH7.5ten sam produkt

Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021....

CVE-2023-35121HIGH7.8ten sam produkt

Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) on...

CVE-2024-21784MEDIUM5.4ten sam produkt

Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allow an authe...

CVE-2023-29162MEDIUM6.0ten sam produkt

Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolk...

CVE-2022-41646MEDIUM4.7ten sam produkt

Insufficient control flow management in the Intel(R) IPP Cryptography software before version 2021.6 may allow...