mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-31 18:51:16 +00:00
339 lines
11 KiB
JSON
339 lines
11 KiB
JSON
{
|
|
"id": "CVE-2022-21123",
|
|
"sourceIdentifier": "secure@intel.com",
|
|
"published": "2022-06-15T20:15:17.503",
|
|
"lastModified": "2023-11-07T03:43:25.240",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una limpieza incompleta de los b\u00faferes compartidos multin\u00facleo en algunos procesadores Intel(R) puede permitir que un usuario autenticado permita potencialmente la divulgaci\u00f3n de informaci\u00f3n por medio del acceso local"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.5,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 1.8,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "LOCAL",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 2.1
|
|
},
|
|
"baseSeverity": "LOW",
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-459"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*",
|
|
"matchCriteriaId": "EF4E17C2-244F-4E5A-A5F8-4626CD1AC11A"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*",
|
|
"versionEndExcluding": "1.14.100.3",
|
|
"matchCriteriaId": "95D27137-9FE9-4036-95C5-28B8502A50BA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*",
|
|
"versionEndExcluding": "1.14.100.3",
|
|
"matchCriteriaId": "7461CA21-255D-4825-AE70-E3EB5D05945E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*",
|
|
"versionEndExcluding": "2.16.100.3",
|
|
"matchCriteriaId": "66C56CBD-F718-43A4-B097-291D2D6BBD0E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*",
|
|
"versionEndExcluding": "2.17.100.3",
|
|
"matchCriteriaId": "54F078D2-1BA0-4784-9650-6680ACD84FF6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*",
|
|
"versionEndExcluding": "2.16.100.3",
|
|
"matchCriteriaId": "CF5F9EC2-3359-4364-AB06-64A528AAAE51"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*",
|
|
"versionEndExcluding": "2.17.100.3",
|
|
"matchCriteriaId": "0C7F6964-55CF-4BD2-B483-EA6FE9564037"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
|
|
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
|
|
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
|
|
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1",
|
|
"source": "secure@intel.com",
|
|
"tags": [
|
|
"Mailing List",
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
|
|
"source": "secure@intel.com",
|
|
"tags": [
|
|
"Mailing List",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/",
|
|
"source": "secure@intel.com"
|
|
},
|
|
{
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/",
|
|
"source": "secure@intel.com"
|
|
},
|
|
{
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/",
|
|
"source": "secure@intel.com"
|
|
},
|
|
{
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/",
|
|
"source": "secure@intel.com"
|
|
},
|
|
{
|
|
"url": "https://security.gentoo.org/glsa/202208-23",
|
|
"source": "secure@intel.com",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/",
|
|
"source": "secure@intel.com",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.debian.org/security/2022/dsa-5173",
|
|
"source": "secure@intel.com",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.debian.org/security/2022/dsa-5178",
|
|
"source": "secure@intel.com",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.debian.org/security/2022/dsa-5184",
|
|
"source": "secure@intel.com",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html",
|
|
"source": "secure@intel.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |