MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2022-37409

CVSS 4.7v3.1pub. 2023-05-10upd. 2024-11-21

Insufficient control flow management for the Intel(R) IPP Cryptography software before version 2021.6 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Intel Integrated Performance Primitives Cryptography

    APP
    Intel
    < 2021.6
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2022-26083HIGH7.5ten sam produkt

Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021....

CVE-2023-35121HIGH7.8ten sam produkt

Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) on...

CVE-2024-21784MEDIUM5.4ten sam produkt

Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allow an authe...

CVE-2023-29162MEDIUM6.0ten sam produkt

Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolk...

CVE-2022-41646MEDIUM4.7ten sam produkt

Insufficient control flow management in the Intel(R) IPP Cryptography software before version 2021.6 may allow...