5.5
CVE-2022-43477
- EPSS 0.1%
- Veröffentlicht 14.11.2023 19:15:13
- Zuletzt bearbeitet 21.11.2024 07:26:34
- Quelle secure@intel.com
- Teams Watchlist Login
- Unerledigt Login
Incomplete cleanup for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intel ≫ Unison Software Version < 20.14.5683.0
Intel ≫ Unison Software Version < 20.14.4244
Intel ≫ Unison Software Version < 20.14.2.3053
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.243 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| secure@intel.com | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
CWE-459 Incomplete Cleanup
The product does not properly "clean up" and remove temporary or supporting resources after they have been used.