CVE-2022-46299

2023-11-1419:15:14

CWE-691

[email protected]

web.nvd.nist.gov

intel unison

control flow management

information disclosure

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

9.0%

JSON

Insufficient control flow management for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.

Affected configurations

Nvd

Node

intelunison_softwareRange<20.14.5683.0

AND

microsoftwindowsMatch-

Node

intelunison_softwareRange<20.14.4244

AND

googleandroidMatch-

Node

intelunison_softwareRange<20.14.2.3053

AND

appleiphone_osMatch-

VendorProductVersionCPE
intelunison_software*cpe:2.3:a:intel:unison_software:*:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
googleandroid-cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
appleiphone_os-cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	unison_software	*	cpe:2.3:a:intel:unison_software::::::::
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
google	android	-	cpe:2.3:o:google:android:-:::::::*
apple	iphone_os	-	cpe:2.3:o:apple:iphone_os:-:::::::*