PT-2022-14923 · Intel · Dsp Builder Pro For Intel Quartus Prime Pro Edition

Published

2022-02-09

Updated

2022-02-15

CVE-2022-21205

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition versions prior to 21.3

Description The issue is related to an improper restriction of XML external entity reference, which may allow an unauthenticated user to potentially enable information disclosure via network access.

Recommendations For versions prior to 21.3, update to version 21.3 or later to resolve the issue.

Fix

XXE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-611

Related Identifiers

CVE-2022-21205

Affected Products

Dsp Builder Pro For Intel Quartus Prime Pro Edition

PT-2022-14923 · Intel · Dsp Builder Pro For Intel Quartus Prime Pro Edition

CVE-2022-21205

Weakness Enumeration

Related Identifiers

Affected Products

References · 3