PT-2023-23699 · Intel · Intel On Demand
Marcin Kolasinski
·
Published
2023-11-14
·
Updated
2023-11-21
·
CVE-2023-32283
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Intel(R) On Demand software versions prior to 1.16.2
Intel(R) On Demand software versions prior to 2.1.1
Intel(R) On Demand software versions prior to 3.1.0
Description
The issue involves the insertion of sensitive information into a log file in Intel(R) On Demand software, potentially allowing an authenticated user to enable information disclosure via local access.
Recommendations
For versions prior to 1.16.2, update to version 1.16.2 or later.
For versions prior to 2.1.1, update to version 2.1.1 or later.
For versions prior to 3.1.0, update to version 3.1.0 or later.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel On Demand