CVE-2023-22447

Insertion of sensitive information into log file in the Open CAS software for Linux maintained by Intel before version 22.6.2 may allow a privileged user to potentially enable information disclosure via local access...

Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2

Summary An access control vulnerability was found, due to the restrictions that are applied on actual assertions not being enforced in their debug functionality. Impact An authenticated user with reduced visibility can obtain unauthorized information via the debug functionality, obtaining data th...

Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2

Summary A partial DoS vulnerability has been detected in the Reports section, exploitable by a malicious authenticated user forcing a report to be saved with its name set as null. Impact The reports section will be partially unavailable for all later attempts to use it, with the report list...

Information disclosure

Insertion of sensitive information into log file in the Open CAS software for Linux maintained by Intel before version 22.6.2 may allow a privileged user to potentially enable information disclosure via local access...