Lucene search

[email protected]NVD:CVE-2021-33147

HistoryFeb 09, 2022 - 11:15 p.m.

CVE-2021-33147

2022-02-0923:15:15

CWE-754

[email protected]

web.nvd.nist.gov

intel ipp crypto

conditions check

information disclosure

authenticated user

local access

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

12.6%

JSON

Improper conditions check in the Intel® IPP Crypto library before version 2021.2 may allow an authenticated user to potentially enable information disclosure via local access.

Affected configurations

Nvd

Node

intelintegrated_performance_primitives_cryptographyRange<2021.2

VendorProductVersionCPE
intelintegrated_performance_primitives_cryptography*cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	integrated_performance_primitives_cryptography	*	cpe:2.3:a:intel:integrated_performance_primitives_cryptography::::::::

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00600.html

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2021-33147

cvelist1 osv1 prion1 cve1 intel1