5.5
CVE-2022-43477
- EPSS 0.1%
- Published 14.11.2023 19:15:13
- Last modified 21.11.2024 07:26:34
- Source secure@intel.com
- Teams watchlist Login
- Open Login
Incomplete cleanup for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.
Data is provided by the National Vulnerability Database (NVD)
Intel ≫ Unison Software Version < 20.14.5683.0
Intel ≫ Unison Software Version < 20.14.4244
Intel ≫ Unison Software Version < 20.14.2.3053
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.243 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| secure@intel.com | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
CWE-459 Incomplete Cleanup
The product does not properly "clean up" and remove temporary or supporting resources after they have been used.