nvd-json-data-feeds/CVE-2024/CVE-2024-281xx/CVE-2024-28169.json

{
  "id": "CVE-2024-28169",
  "sourceIdentifier": "secure@intel.com",
  "published": "2024-11-13T21:15:14.377",
  "lastModified": "2024-11-15T14:00:09.720",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cleartext transmission of sensitive information for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially enable denial of service via adjacent access."
    },
    {
      "lang": "es",
      "value": "La transmisi\u00f3n de texto plano de informaci\u00f3n confidencial para alg\u00fan software BigDL mantenido por Intel\u00ae antes de la versi\u00f3n 2.5.0 puede permitir que un usuario autenticado habilite potencialmente la denegaci\u00f3n de servicio a trav\u00e9s del acceso adyacente."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "secure@intel.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "attackVector": "ADJACENT",
          "attackComplexity": "HIGH",
          "attackRequirements": "PRESENT",
          "privilegesRequired": "LOW",
          "userInteraction": "PASSIVE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "LOW",
          "vulnAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "secure@intel.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "attackVector": "ADJACENT_NETWORK",
          "attackComplexity": "HIGH",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 4.2
      }
    ]
  },
  "weaknesses": [
    {
      "source": "secure@intel.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-319"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01146.html",
      "source": "secure@intel.com"
    }
  ]
}