CVE-2020-12333

CWE-522Insufficiently Protected Credentials3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 84.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Quickassist Technology
Timeline
PublishedNov 12
Latest updateMay 24

Description

Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5intel(r)_qat_for_linuxbefore version 1.7.l.4.10.0
NVDintel/quickassist_technology< 1.7.l.4.10.0

🔴Vulnerability Details

2
GHSA
GHSA-qcqx-jwr9-v42m: Insufficiently protected credentials in the Intel(R) QAT for Linux before version 12022-05-24
CVEList
CVE-2020-12333: Insufficiently protected credentials in the Intel(R) QAT for Linux before version 12020-11-12
CVE-2020-12333 (HIGH CVSS 7.8) | Insufficiently protected credential | cvebase.io