diff --git a/2021/26xxx/CVE-2021-26251.json b/2021/26xxx/CVE-2021-26251.json index 4ee3e65f2bc..6a8c4b74514 100644 --- a/2021/26xxx/CVE-2021-26251.json +++ b/2021/26xxx/CVE-2021-26251.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-26251", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may allow an authenticated user to potentially enable denial of service via network access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Distribution of OpenVINO(TM) Toolkit", + "version": { + "version_data": [ + { + "version_value": "See references", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00642.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00642.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ] } diff --git a/2021/33xxx/CVE-2021-33064.json b/2021/33xxx/CVE-2021-33064.json index a4b9e2b8351..8ea292e890c 100644 --- a/2021/33xxx/CVE-2021-33064.json +++ b/2021/33xxx/CVE-2021-33064.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-33064", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncontrolled search path in the software installer for Intel(R) System Studio for all versions, may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) System Studio", + "version": { + "version_data": [ + { + "version_value": "all versions", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00558.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00558.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2021/33xxx/CVE-2021-33159.json b/2021/33xxx/CVE-2021-33159.json index 6a53f752c95..bfafd6d64b3 100644 --- a/2021/33xxx/CVE-2021-33159.json +++ b/2021/33xxx/CVE-2021-33159.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-33159", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) AMT", + "version": { + "version_data": [ + { + "version_value": "before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.4, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:H" } ] } diff --git a/2021/33xxx/CVE-2021-33164.json b/2021/33xxx/CVE-2021-33164.json index bf79946c927..cb1b913a44e 100644 --- a/2021/33xxx/CVE-2021-33164.json +++ b/2021/33xxx/CVE-2021-33164.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-33164", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUCs", + "version": { + "version_data": [ + { + "version_value": "before version INWHL357.0046", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/21xxx/CVE-2022-21198.json b/2022/21xxx/CVE-2022-21198.json index c0a99862053..5907387fc65 100644 --- a/2022/21xxx/CVE-2022-21198.json +++ b/2022/21xxx/CVE-2022-21198.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-21198", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Processors", + "version": { + "version_data": [ + { + "version_value": "See references", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.9, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H" } ] } diff --git a/2022/21xxx/CVE-2022-21794.json b/2022/21xxx/CVE-2022-21794.json index 77fc33f93b3..47478a999a1 100644 --- a/2022/21xxx/CVE-2022-21794.json +++ b/2022/21xxx/CVE-2022-21794.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-21794", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits", + "version": { + "version_data": [ + { + "version_value": "before version HN0067", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/25xxx/CVE-2022-25917.json b/2022/25xxx/CVE-2022-25917.json index 5752eb3a41e..c07341836f9 100644 --- a/2022/25xxx/CVE-2022-25917.json +++ b/2022/25xxx/CVE-2022-25917.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-25917", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncaught exception in the firmware for some Intel(R) Server Board M50CYP Family before version R01.01.0005 may allow a privileged user to potentially enable a denial of service via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Server Board M50CYP Family", + "version": { + "version_data": [ + { + "version_value": "before version R01.01.0005", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ] } diff --git a/2022/26xxx/CVE-2022-26006.json b/2022/26xxx/CVE-2022-26006.json index c309d8b6b56..4be923dbcd8 100644 --- a/2022/26xxx/CVE-2022-26006.json +++ b/2022/26xxx/CVE-2022-26006.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26006", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Processors", + "version": { + "version_data": [ + { + "version_value": "See references", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/26xxx/CVE-2022-26024.json b/2022/26xxx/CVE-2022-26024.json index e5e3a0e3107..c80305f38b1 100644 --- a/2022/26xxx/CVE-2022-26024.json +++ b/2022/26xxx/CVE-2022-26024.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26024", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN", + "version": { + "version_data": [ + { + "version_value": "before version 1.78.2.0.7", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2022/26xxx/CVE-2022-26028.json b/2022/26xxx/CVE-2022-26028.json index 5fb39742f7b..6d7f39f5a65 100644 --- a/2022/26xxx/CVE-2022-26028.json +++ b/2022/26xxx/CVE-2022-26028.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26028", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) VTune(TM) Profiler software", + "version": { + "version_data": [ + { + "version_value": "before version 2022.2.0", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00676.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00676.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2022/26xxx/CVE-2022-26045.json b/2022/26xxx/CVE-2022-26045.json index c90e596cfd2..71c47abd35e 100644 --- a/2022/26xxx/CVE-2022-26045.json +++ b/2022/26xxx/CVE-2022-26045.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26045", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) XMM(TM) 7560 Modem software", + "version": { + "version_data": [ + { + "version_value": "before version M2_7560_R_01.2146.00", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.3, + "baseSeverity": "LOW", + "vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L" } ] } diff --git a/2022/26xxx/CVE-2022-26047.json b/2022/26xxx/CVE-2022-26047.json index d2fe00601e5..555fbce54c0 100644 --- a/2022/26xxx/CVE-2022-26047.json +++ b/2022/26xxx/CVE-2022-26047.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26047", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products", + "version": { + "version_data": [ + { + "version_value": "See references", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00699.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00699.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ] } diff --git a/2022/26xxx/CVE-2022-26079.json b/2022/26xxx/CVE-2022-26079.json index 0bbd1e5b2f5..1071860dd77 100644 --- a/2022/26xxx/CVE-2022-26079.json +++ b/2022/26xxx/CVE-2022-26079.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26079", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper conditions check in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) XMM(TM) 7560 Modem software", + "version": { + "version_data": [ + { + "version_value": "before version M2_7560_R_01.2146.00", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ] } diff --git a/2022/26xxx/CVE-2022-26086.json b/2022/26xxx/CVE-2022-26086.json index 535065d7b65..a218d8bddbc 100644 --- a/2022/26xxx/CVE-2022-26086.json +++ b/2022/26xxx/CVE-2022-26086.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26086", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "PresentMon software maintained by Intel(R)", + "version": { + "version_data": [ + { + "version_value": "before version 1.7.1", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00711.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00711.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2022/26xxx/CVE-2022-26124.json b/2022/26xxx/CVE-2022-26124.json index d6d593f618c..bb99605368a 100644 --- a/2022/26xxx/CVE-2022-26124.json +++ b/2022/26xxx/CVE-2022-26124.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26124", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper buffer restrictions in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits before version CHAPLCEL.0059 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits", + "version": { + "version_data": [ + { + "version_value": "before version CHAPLCEL.0059", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/26xxx/CVE-2022-26341.json b/2022/26xxx/CVE-2022-26341.json index acfa881dbb1..e2a179fbec1 100644 --- a/2022/26xxx/CVE-2022-26341.json +++ b/2022/26xxx/CVE-2022-26341.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26341", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) AMT SDK, Intel(R) EMA and Intel(R) MC", + "version": { + "version_data": [ + { + "version_value": "See references", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N" } ] } diff --git a/2022/26xxx/CVE-2022-26367.json b/2022/26xxx/CVE-2022-26367.json index 12545570d00..633b555e6a1 100644 --- a/2022/26xxx/CVE-2022-26367.json +++ b/2022/26xxx/CVE-2022-26367.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26367", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) XMM(TM) 7560 Modem software", + "version": { + "version_data": [ + { + "version_value": "before version M2_7560_R_01.2146.00", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N" } ] } diff --git a/2022/26xxx/CVE-2022-26369.json b/2022/26xxx/CVE-2022-26369.json index b0e3852913b..39bbc88368e 100644 --- a/2022/26xxx/CVE-2022-26369.json +++ b/2022/26xxx/CVE-2022-26369.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26369", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out-of-bounds read in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) XMM(TM) 7560 Modem software", + "version": { + "version_data": [ + { + "version_value": "before version M2_7560_R_01.2146.00", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.2, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N" } ] } diff --git a/2022/26xxx/CVE-2022-26508.json b/2022/26xxx/CVE-2022-26508.json index 43f6e730075..b3bdf88a845 100644 --- a/2022/26xxx/CVE-2022-26508.json +++ b/2022/26xxx/CVE-2022-26508.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26508", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "information disclosure" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) SDP Tool", + "version": { + "version_data": [ + { + "version_value": "before version 3.0.0", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00710.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00710.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ] } diff --git a/2022/26xxx/CVE-2022-26513.json b/2022/26xxx/CVE-2022-26513.json index 74ab2198057..ca0963fd178 100644 --- a/2022/26xxx/CVE-2022-26513.json +++ b/2022/26xxx/CVE-2022-26513.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26513", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out-of-bounds write in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) XMM(TM) 7560 Modem software", + "version": { + "version_data": [ + { + "version_value": "before version M2_7560_R_01.2146.00", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 8, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" } ] } diff --git a/2022/26xxx/CVE-2022-26845.json b/2022/26xxx/CVE-2022-26845.json index 64943e51a5c..89b913a522b 100644 --- a/2022/26xxx/CVE-2022-26845.json +++ b/2022/26xxx/CVE-2022-26845.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-26845", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable escalation of privilege via network access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) AMT", + "version": { + "version_data": [ + { + "version_value": "before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" } ] } diff --git a/2022/27xxx/CVE-2022-27187.json b/2022/27xxx/CVE-2022-27187.json index a31812e1b76..bf49e391b25 100644 --- a/2022/27xxx/CVE-2022-27187.json +++ b/2022/27xxx/CVE-2022-27187.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-27187", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Quartus Prime Standard edition", + "version": { + "version_data": [ + { + "version_value": "before version 21.1 Patch 0.02std", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2022/27xxx/CVE-2022-27233.json b/2022/27xxx/CVE-2022-27233.json index 6df5897286e..d712f9b0bb9 100644 --- a/2022/27xxx/CVE-2022-27233.json +++ b/2022/27xxx/CVE-2022-27233.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-27233", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "XML injection in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "information disclosure" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Quartus Prime Pro and Standard editions", + "version": { + "version_data": [ + { + "version_value": "See references", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ] } diff --git a/2022/27xxx/CVE-2022-27497.json b/2022/27xxx/CVE-2022-27497.json index 5fdd7ecb5fb..c135c71640a 100644 --- a/2022/27xxx/CVE-2022-27497.json +++ b/2022/27xxx/CVE-2022-27497.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-27497", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) AMT", + "version": { + "version_data": [ + { + "version_value": "before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H" } ] } diff --git a/2022/27xxx/CVE-2022-27499.json b/2022/27xxx/CVE-2022-27499.json index 6cbf82f8c00..f2d9553d326 100644 --- a/2022/27xxx/CVE-2022-27499.json +++ b/2022/27xxx/CVE-2022-27499.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-27499", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "information disclosure" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) SGX SDK software", + "version": { + "version_data": [ + { + "version_value": "See references", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00691.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00691.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 2.5, + "baseSeverity": "LOW", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N" } ] } diff --git a/2022/27xxx/CVE-2022-27638.json b/2022/27xxx/CVE-2022-27638.json index b95cb7b9d1d..c8d9fff946d 100644 --- a/2022/27xxx/CVE-2022-27638.json +++ b/2022/27xxx/CVE-2022-27638.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-27638", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Advanced Link Analyzer Pro and Standard edition", + "version": { + "version_data": [ + { + "version_value": "See references", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00715.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00715.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2022/27xxx/CVE-2022-27639.json b/2022/27xxx/CVE-2022-27639.json index 8c7e8205c06..62fc7b5715b 100644 --- a/2022/27xxx/CVE-2022-27639.json +++ b/2022/27xxx/CVE-2022-27639.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-27639", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incomplete cleanup in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) XMM(TM) 7560 Modem software", + "version": { + "version_data": [ + { + "version_value": "before version M2_7560_R_01.2146.00", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" } ] } diff --git a/2022/27xxx/CVE-2022-27874.json b/2022/27xxx/CVE-2022-27874.json index 05c36870343..4bc787b894c 100644 --- a/2022/27xxx/CVE-2022-27874.json +++ b/2022/27xxx/CVE-2022-27874.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-27874", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper authentication in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) XMM(TM) 7560 Modem software", + "version": { + "version_data": [ + { + "version_value": "before version M2_7560_R_01.2146.00", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/28xxx/CVE-2022-28126.json b/2022/28xxx/CVE-2022-28126.json index d399de26737..ced088484fe 100644 --- a/2022/28xxx/CVE-2022-28126.json +++ b/2022/28xxx/CVE-2022-28126.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-28126", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) XMM(TM) 7560 Modem software", + "version": { + "version_data": [ + { + "version_value": "before version M2_7560_R_01.2146.00", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ] } diff --git a/2022/28xxx/CVE-2022-28611.json b/2022/28xxx/CVE-2022-28611.json index 8c0a4659665..f9895baa6df 100644 --- a/2022/28xxx/CVE-2022-28611.json +++ b/2022/28xxx/CVE-2022-28611.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-28611", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) XMM(TM) 7560 Modem software", + "version": { + "version_data": [ + { + "version_value": "before version M2_7560_R_01.2146.00", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/28xxx/CVE-2022-28667.json b/2022/28xxx/CVE-2022-28667.json index 054a073e873..93db755a85a 100644 --- a/2022/28xxx/CVE-2022-28667.json +++ b/2022/28xxx/CVE-2022-28667.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-28667", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi software before version 22.140 may allow an unauthenticated user to potentially enable denial of service via adjacent access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) PROSet/Wireless WiFi software", + "version": { + "version_data": [ + { + "version_value": "before version 22.140", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00687.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00687.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ] } diff --git a/2022/29xxx/CVE-2022-29466.json b/2022/29xxx/CVE-2022-29466.json index 9bb7114c07c..f15b1937804 100644 --- a/2022/29xxx/CVE-2022-29466.json +++ b/2022/29xxx/CVE-2022-29466.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-29466", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) SPS", + "version": { + "version_data": [ + { + "version_value": "before version SPS_E3_04.01.04.700.0", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H" } ] } diff --git a/2022/29xxx/CVE-2022-29486.json b/2022/29xxx/CVE-2022-29486.json index 6ad42cfb153..c12265ba86e 100644 --- a/2022/29xxx/CVE-2022-29486.json +++ b/2022/29xxx/CVE-2022-29486.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-29486", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may allow an unauthenticated user to potentially enable escalation of privilege via network access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Hyperscan library maintained by Intel(R)", + "version": { + "version_data": [ + { + "version_value": "all versions downloaded before 04/29/2022", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00695.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00695.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ] } diff --git a/2022/29xxx/CVE-2022-29515.json b/2022/29xxx/CVE-2022-29515.json index a7cee66b9e1..50c3fc71e45 100644 --- a/2022/29xxx/CVE-2022-29515.json +++ b/2022/29xxx/CVE-2022-29515.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-29515", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) SPS", + "version": { + "version_data": [ + { + "version_value": "before versions SPS_E3_06.00.03.035.0", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ] } diff --git a/2022/29xxx/CVE-2022-29893.json b/2022/29xxx/CVE-2022-29893.json index 7cc5405ec3b..b010561c141 100644 --- a/2022/29xxx/CVE-2022-29893.json +++ b/2022/29xxx/CVE-2022-29893.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-29893", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation of privilege via network access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) AMT", + "version": { + "version_data": [ + { + "version_value": "before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ] } diff --git a/2022/30xxx/CVE-2022-30297.json b/2022/30xxx/CVE-2022-30297.json index d0fe53573ee..78af32bf350 100644 --- a/2022/30xxx/CVE-2022-30297.json +++ b/2022/30xxx/CVE-2022-30297.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-30297", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) EMA software", + "version": { + "version_data": [ + { + "version_value": "before version 1.8.0", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00716.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00716.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.8, + "baseSeverity": "LOW", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L" } ] } diff --git a/2022/30xxx/CVE-2022-30542.json b/2022/30xxx/CVE-2022-30542.json index e416773e06d..efe07606299 100644 --- a/2022/30xxx/CVE-2022-30542.json +++ b/2022/30xxx/CVE-2022-30542.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-30542", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families before version R02.01.0014 may allow a privileged user to potentially enable an escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families", + "version": { + "version_data": [ + { + "version_value": "before version R02.01.0014", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/30xxx/CVE-2022-30548.json b/2022/30xxx/CVE-2022-30548.json index ab3bd5844f4..302798deef0 100644 --- a/2022/30xxx/CVE-2022-30548.json +++ b/2022/30xxx/CVE-2022-30548.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-30548", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Glorp software", + "version": { + "version_data": [ + { + "version_value": "See references", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00673.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00673.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2022/30xxx/CVE-2022-30691.json b/2022/30xxx/CVE-2022-30691.json index 7f9226d9caf..a1ef32eb93b 100644 --- a/2022/30xxx/CVE-2022-30691.json +++ b/2022/30xxx/CVE-2022-30691.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-30691", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Support Android application", + "version": { + "version_data": [ + { + "version_value": "before version 22.02.28", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H" } ] } diff --git a/2022/32xxx/CVE-2022-32569.json b/2022/32xxx/CVE-2022-32569.json index b8da978eec5..36928707fb5 100644 --- a/2022/32xxx/CVE-2022-32569.json +++ b/2022/32xxx/CVE-2022-32569.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32569", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper buffer restrictions in BIOS firmware for some Intel(R) NUC M15 Laptop Kits before version BCTGL357.0074 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC M15 Laptop Kits", + "version": { + "version_data": [ + { + "version_value": "before version BCTGL357.0074", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/33xxx/CVE-2022-33176.json b/2022/33xxx/CVE-2022-33176.json index 0c2668f8790..3f0e4253968 100644 --- a/2022/33xxx/CVE-2022-33176.json +++ b/2022/33xxx/CVE-2022-33176.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-33176", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs", + "version": { + "version_data": [ + { + "version_value": "before version PATGL357.0042", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/33xxx/CVE-2022-33942.json b/2022/33xxx/CVE-2022-33942.json index d08468b6554..0ea68b9fd99 100644 --- a/2022/33xxx/CVE-2022-33942.json +++ b/2022/33xxx/CVE-2022-33942.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-33942", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) DCM software", + "version": { + "version_data": [ + { + "version_value": "before version 5.0", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/33xxx/CVE-2022-33973.json b/2022/33xxx/CVE-2022-33973.json index 1709e29b752..18f3dc7e3a4 100644 --- a/2022/33xxx/CVE-2022-33973.json +++ b/2022/33xxx/CVE-2022-33973.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-33973", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control in the Intel(R) WAPI Security software for Windows 10/11 before version 22.2150.0.1 may allow an authenticated user to potentially enable information disclosure via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "information disclosure" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) WAPI Security software for Windows 10/11", + "version": { + "version_data": [ + { + "version_value": "before version 22.2150.0.1", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00720.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00720.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.3, + "baseSeverity": "LOW", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ] } diff --git a/2022/34xxx/CVE-2022-34152.json b/2022/34xxx/CVE-2022-34152.json index 3b85d9bb81a..9b9753e22e1 100644 --- a/2022/34xxx/CVE-2022-34152.json +++ b/2022/34xxx/CVE-2022-34152.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-34152", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Kits before version TY0070 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC Boards, Intel(R) NUC Kits", + "version": { + "version_data": [ + { + "version_value": "before version TY0070", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/35xxx/CVE-2022-35276.json b/2022/35xxx/CVE-2022-35276.json index 0b2a26ecd49..7586bb4c6fb 100644 --- a/2022/35xxx/CVE-2022-35276.json +++ b/2022/35xxx/CVE-2022-35276.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-35276", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBWHL357.0096 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC 8 Compute Elements", + "version": { + "version_data": [ + { + "version_value": "before version CBWHL357.0096", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/36xxx/CVE-2022-36349.json b/2022/36xxx/CVE-2022-36349.json index abc0e01bfca..8252cc889d3 100644 --- a/2022/36xxx/CVE-2022-36349.json +++ b/2022/36xxx/CVE-2022-36349.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-36349", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of service via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC Boards and Intel(R) NUC Kits", + "version": { + "version_data": [ + { + "version_value": "before version MYi30060", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 5.2, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L" } ] } diff --git a/2022/36xxx/CVE-2022-36367.json b/2022/36xxx/CVE-2022-36367.json index 6d91899060e..20bac7ea56c 100644 --- a/2022/36xxx/CVE-2022-36367.json +++ b/2022/36xxx/CVE-2022-36367.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-36367", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "information disclosure" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Support Android application", + "version": { + "version_data": [ + { + "version_value": "before version v22.02.28", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" } ] } diff --git a/2022/36xxx/CVE-2022-36370.json b/2022/36xxx/CVE-2022-36370.json index 14653f0532f..a4c7e188ff1 100644 --- a/2022/36xxx/CVE-2022-36370.json +++ b/2022/36xxx/CVE-2022-36370.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-36370", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper authentication in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC Boards and Intel(R) NUC Kits", + "version": { + "version_data": [ + { + "version_value": "before version MYi30060", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/36xxx/CVE-2022-36377.json b/2022/36xxx/CVE-2022-36377.json index c6a4aa83697..7f2cf234873 100644 --- a/2022/36xxx/CVE-2022-36377.json +++ b/2022/36xxx/CVE-2022-36377.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-36377", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect default permissions in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(r) NUC Kit Wireless Adapter drivers for Windows 10", + "version": { + "version_data": [ + { + "version_value": "before version 22.40", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2022/36xxx/CVE-2022-36380.json b/2022/36xxx/CVE-2022-36380.json index 1fbee2e94b7..e37248fdb30 100644 --- a/2022/36xxx/CVE-2022-36380.json +++ b/2022/36xxx/CVE-2022-36380.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-36380", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(r) NUC Kit Wireless Adapter drivers for Windows 10", + "version": { + "version_data": [ + { + "version_value": "before version 22.40", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2022/36xxx/CVE-2022-36384.json b/2022/36xxx/CVE-2022-36384.json index e2f9a677569..990483cbfd8 100644 --- a/2022/36xxx/CVE-2022-36384.json +++ b/2022/36xxx/CVE-2022-36384.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-36384", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unquoted search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(r) NUC Kit Wireless Adapter drivers for Windows 10", + "version": { + "version_data": [ + { + "version_value": "before version 22.40", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2022/36xxx/CVE-2022-36400.json b/2022/36xxx/CVE-2022-36400.json index 6786bed3688..e6678e3338b 100644 --- a/2022/36xxx/CVE-2022-36400.json +++ b/2022/36xxx/CVE-2022-36400.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-36400", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Path traversal in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(r) NUC Kit Wireless Adapter drivers for Windows 10", + "version": { + "version_data": [ + { + "version_value": "before version 22.40", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ] } diff --git a/2022/36xxx/CVE-2022-36789.json b/2022/36xxx/CVE-2022-36789.json index a6fd16689bd..34a0746b23a 100644 --- a/2022/36xxx/CVE-2022-36789.json +++ b/2022/36xxx/CVE-2022-36789.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-36789", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control in BIOS firmware for some Intel(R) NUC 10 Performance Kits and Intel(R) NUC 10 Performance Mini PCs before version FNCML357.0053 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC 10 Performance Kits and Intel(R) NUC 10 Performance Mini PCs", + "version": { + "version_data": [ + { + "version_value": "before version FNCML357.0053", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/37xxx/CVE-2022-37334.json b/2022/37xxx/CVE-2022-37334.json index 2d1b5d0dd9a..83337a8e56e 100644 --- a/2022/37xxx/CVE-2022-37334.json +++ b/2022/37xxx/CVE-2022-37334.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-37334", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper initialization in BIOS firmware for some Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11 Pro Boards before version TNTGL357.0064 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11 Pro Boards", + "version": { + "version_data": [ + { + "version_value": "before version TNTGL357.0064", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/37xxx/CVE-2022-37345.json b/2022/37xxx/CVE-2022-37345.json index 8e3da0a3832..bd80970887b 100644 --- a/2022/37xxx/CVE-2022-37345.json +++ b/2022/37xxx/CVE-2022-37345.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-37345", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper authentication in BIOS firmware[A1] for some Intel(R) NUC Kits before version RY0386 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC Kits", + "version": { + "version_data": [ + { + "version_value": "before version RY0386", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/38xxx/CVE-2022-38099.json b/2022/38xxx/CVE-2022-38099.json index 4c66d82c71a..552174f757b 100644 --- a/2022/38xxx/CVE-2022-38099.json +++ b/2022/38xxx/CVE-2022-38099.json @@ -1,17 +1,72 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-38099", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in BIOS firmware for some Intel(R) NUC 11 Compute Elements before version EBTGL357.0065 may allow a privileged user to potentially enable escalation of privilege via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) NUC 11 Compute Elements", + "version": { + "version_data": [ + { + "version_value": "before version EBTGL357.0065", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html", + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ] } diff --git a/2022/3xxx/CVE-2022-3954.json b/2022/3xxx/CVE-2022-3954.json new file mode 100644 index 00000000000..d6899788ddb --- /dev/null +++ b/2022/3xxx/CVE-2022-3954.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3954", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3955.json b/2022/3xxx/CVE-2022-3955.json new file mode 100644 index 00000000000..7903f194e5f --- /dev/null +++ b/2022/3xxx/CVE-2022-3955.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3955", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3956.json b/2022/3xxx/CVE-2022-3956.json new file mode 100644 index 00000000000..929c3511f95 --- /dev/null +++ b/2022/3xxx/CVE-2022-3956.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3956", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3957.json b/2022/3xxx/CVE-2022-3957.json new file mode 100644 index 00000000000..648a7811545 --- /dev/null +++ b/2022/3xxx/CVE-2022-3957.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3957", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file