Lucene search

IntelCVELIST:CVE-2023-32279

HistoryNov 14, 2023 - 7:04 p.m.

CVE-2023-32279

2023-11-1419:04:39

CWE-284

intel

www.cve.org

cve-2023-32279

user mode driver

intel connectivity performance suite

information disclosure

network access

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.4%

JSON

Improper access control in user mode driver for some Intel® Connectivity Performance Suite before version 2.1123.214.2 may allow unauthenticated user to potentially enable information disclosure via network access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) Connectivity Performance Suite",
    "versions": [
      {
        "version": "before version 2.1123.214.2",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00944.html

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.4%

JSON

Related for CVELIST:CVE-2023-32279