CVE-2022-30691

Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access.

CVSS v3 5.9 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.5 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html	Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:intel:support:*:*:*:*:*:android:*:*

History

21 Nov 2024, 07:03

Type	Values Removed	Values Added
References	~~() https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html - Vendor Advisory~~	() https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~5.5~~	v2 : unknown v3 : 5.9

Information

Published : 2022-11-11 16:15

Updated : 2024-11-21 07:03

NVD link : CVE-2022-30691

Mitre link : CVE-2022-30691

CVE.ORG link : CVE-2022-30691

JSON object : View

Products Affected

intel

support

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2022-30691", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secure@intel.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 1.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2022-11-11T16:15:14.813", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html", "tags": ["Vendor Advisory"], "source": "secure@intel.com"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access."}, {"lang": "es", "value": "El consumo incontrolado de recursos en la aplicaci\u00f3n Intel(R) Support para Android anterior a la versi\u00f3n 22.02.28 puede permitir que un usuario autenticado habilite potencialmente la Denegaci\u00f3n de Servicio (DoS) a trav\u00e9s del acceso local."}], "lastModified": "2024-11-21T07:03:10.773", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intel:support:*:*:*:*:*:android:*:*", "vulnerable": true, "matchCriteriaId": "79D6A296-D385-4D78-B187-09C5F9B76BA3", "versionEndExcluding": "22.02.28"}], "operator": "OR"}]}], "sourceIdentifier": "secure@intel.com"}