Lucene search

[email protected]CVE-2024-22384

HistoryMay 16, 2024 - 9:16 p.m.

CVE-2024-22384

2024-05-1621:16:06

CWE-125

[email protected]

web.nvd.nist.gov

intel

oob read

information disclosure

local access

2.8 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

6 Medium

AI Score

Confidence

Low

1.5 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:S/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

8.7%

JSON

Out-of-bounds read for some Intel® Trace Analyzer and Collector software before version 2022.0.0 published Nov 2023 may allow an authenticated user to potentially enable information disclosure via local access.

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00983.html

2.8 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

6 Medium

AI Score

Confidence

Low

1.5 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:S/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

8.7%

JSON

Related for CVE-2024-22384

cvelist1