CVE-2022-37409Insufficient Control Flow Management in Intel Integrated Performance Primitives Cryptography

CWE-691Insufficient Control Flow Management3 documents3 sources
Severity
5.5MEDIUMNVD
CNA4.7
EPSS
0.1%
top 72.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Integrated Performance Primitives Cryptography
Timeline
PublishedMay 10

Description

Insufficient control flow management for the Intel(R) IPP Cryptography software before version 2021.6 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-q9ff-79hw-fjpp: Insufficient control flow management for the Intel(R) IPP Cryptography software before version 20212023-05-10
CVEList
CVE-2022-37409: Insufficient control flow management for the Intel(R) IPP Cryptography software before version 20212023-05-10
CVE-2022-37409 — Insufficient Control Flow Management | cvebase