Vulnerability Description
Insufficient control flow management for the Intel(R) IPP Cryptography software before version 2021.6 may allow an authenticated user to potentially enable information disclosure via local access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Integrated Performance Primitives Cryptography | < 2021.6 |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00788.Vendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00788.Vendor Advisory
FAQ
What is CVE-2022-37409?
CVE-2022-37409 is a vulnerability with a CVSS score of 4.7 (MEDIUM). Insufficient control flow management for the Intel(R) IPP Cryptography software before version 2021.6 may allow an authenticated user to potentially enable information disclosure via local access.
How severe is CVE-2022-37409?
CVE-2022-37409 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-37409?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Integrated Performance Primitives Cryptography.