Lucene search

IntelCVELIST:CVE-2022-44612

HistoryAug 11, 2023 - 2:37 a.m.

CVE-2022-44612

2023-08-1102:37:21

CWE-798

intel

www.cve.org

hard-coded credentials

intel unison software

information disclosure

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Use of hard-coded credentials in some Intel® Unison™ software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) Unison(TM) software",
    "versions": [
      {
        "version": "before version 10.12",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00897.html

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVELIST:CVE-2022-44612