Lucene search

[email protected]CVE-2023-38654

HistoryMay 16, 2024 - 9:15 p.m.

CVE-2023-38654

2024-05-1621:15:52

CWE-20

[email protected]

web.nvd.nist.gov

improper input validation

intel wifi software

denial of service

unauthenticated user

adjacent access

8.2 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Improper input validation for some some Intel® PROSet/Wireless WiFi software for Windows before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Affected configurations

Vulners

Node

intelproset\/wireless_wifiRange<23.20

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "some Intel(R) PROSet/Wireless WiFi software for Windows",
    "versions": [
      {
        "version": "before version 23.20",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01039.html

8.2 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for CVE-2023-38654

nvd1 cvelist1 hp1