CVE-2022-21793

EPSS 0.05%
Published 18.08.2022 20:15:10
Last modified 05.05.2025 17:17:51
Source secure@intel.com
Teams watchlist Login
Open Login

Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to potentially enable a denial of service via local access.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

VMware ≫ Ixgben Version < 1.11.4.0

   Intel ≫ 82599 10 Gigabit Ethernet Controller Version-
   Intel ≫ Ethernet Controller X540 Version-
   Intel ≫ Ethernet Controller X550 Version-
   Intel ≫ Ethernet Controller X552 Version-

VMware ≫ I40en Version < 2.1.5.0

   Intel ≫ Ethernet Controller X710 Version-
   Intel ≫ Ethernet Controller X722 Version-
   Intel ≫ Ethernet Controller Xl710 Version-
   Intel ≫ Ethernet Controller Xxv710 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.145

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00650.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-21793

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-21793

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-21793

EUVD