CVE-2018-12155

CWE-200 — Information Exposure3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 81.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Integrated Performance Primitives Intel Corporation Intel Integrated Performance Primitives

Timeline

PublishedDec 5

Latest updateMay 13

Description

Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDintel/integrated_performance_primitives< 2019+1

▶CVEListV5intel_corporation/intel_integrated_performance_primitivesbefore 2019 update 1

🔴Vulnerability Details

GHSA

GHSA-25v2-jc2r-qvqg: Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information di↗2022-05-13

▶

CVEList

CVE-2018-12155: Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information di↗2018-12-05

▶