Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
intelIntel Security CenterINTEL:INTEL-SA-00639
HistoryFeb 08, 2022 - 12:00 a.m.

Intel® Trace Analyzer and Collector Advisory

2022-02-0800:00:00
Intel Security Center
www.intel.com
13

0.0004 Low

EPSS

Percentile

12.6%

JSON

Summary:

Potential security vulnerabilities in the Intel® Trace Analyzer and Collector may allow denial of service or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2022-21133

Description: Out-of-bounds read in the Intel® Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score: 5.6 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

CVEID: CVE-2022-21226

Description: Out-of-bounds read in the Intel® Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L****

CVEID: CVE-2022-21218

Description: Uncaught exception in the Intel® Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 4.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

CVEID: CVE-2022-21156

Description: Access of uninitialized pointer in the Intel® Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score: 3.6 Low

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L****

Affected Products:

Intel® Trace Analyzer and Collector before version 2021.5.

Recommendations:

Intel recommends updating the Intel® Trace Analyzer and Collector to version 2021.5 or later.

Updates are available for download at this location: <https://www.intel.com/content/www/us/en/develop/documentation/get-started-with-itac/top.html&gt;

Acknowledgements:

Intel would like to thank Star Labs for reporting these issues.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Related

prion 4
cvelist 4
cve 4
nvd 4
prion
prion
Design/Logic Flaw
2022-02-09 23:15:00
Information disclosure
2022-02-09 23:15:00
Information disclosure
2022-02-09 23:15:00
cvelist
cvelist
CVE-2022-21226
2022-02-09 22:04:54
CVE-2022-21218
2022-02-09 22:04:55
CVE-2022-21133
2022-02-09 22:04:48
cve
cve
CVE-2022-21133
2022-02-09 23:15:17
CVE-2022-21226
2022-02-09 23:15:18
CVE-2022-21156
2022-02-09 23:15:17
nvd
nvd
CVE-2022-21133
2022-02-09 23:15:17
CVE-2022-21156
2022-02-09 23:15:17
CVE-2022-21226
2022-02-09 23:15:18

0.0004 Low

EPSS

Percentile

12.6%

JSON
Related for INTEL:INTEL-SA-00639
prion4cvelist4cve4nvd4