5.5
CVE-2023-24478
- EPSS 0.06%
- Veröffentlicht 15.08.2023 13:15:09
- Zuletzt bearbeitet 21.11.2024 07:47:56
- Quelle secure@intel.com
- CVE-Watchlists
- Unerledigt
LoginUse of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intel ≫ Quartus Prime SwEditionpro Version < 22.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.194 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| secure@intel.com | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-330 Use of Insufficiently Random Values
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.