HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2022-26083

CVSS 7.5v3.1pub. 2025-02-14upd. 2025-09-02

Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access.

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
  • Intel Integrated Performance Primitives Cryptography

    APP
    Intel
    < 2021.5
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2023-35121HIGH7.8ten sam produkt

Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) on...

CVE-2024-21784MEDIUM5.4ten sam produkt

Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allow an authe...

CVE-2023-29162MEDIUM6.0ten sam produkt

Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolk...

CVE-2022-41646MEDIUM4.7ten sam produkt

Insufficient control flow management in the Intel(R) IPP Cryptography software before version 2021.6 may allow...

CVE-2022-37409MEDIUM4.7ten sam produkt

Insufficient control flow management for the Intel(R) IPP Cryptography software before version 2021.6 may allo...