PT-2023-13536 · Intel · Intel Ipp Cryptography

Elena Tyuleneva

Publicado

2023-05-10

Atualizado

2023-05-19

CVE-2022-37409

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Intel(R) IPP Cryptography software versions prior to 2021.6

Description The issue is related to insufficient control flow management, which may allow an authenticated user to potentially enable information disclosure via local access.

Recommendations For versions prior to 2021.6, update to version 2021.6 or later to resolve the issue. As a temporary workaround, consider restricting local access to the Intel(R) IPP Cryptography software until a patch is applied.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-691

Identificadores relacionados

CVE-2022-37409

Produtos afetados

Intel Ipp Cryptography

PT-2023-13536 · Intel · Intel Ipp Cryptography

CVE-2022-37409

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6