Details of VAR-202202-0446

ID

VAR-202202-0446

CVE

CVE-2022-21218

TITLE

Intel(R) Trace Analyzer and Collector Vulnerability in handling exceptional conditions in

Trust: 0.8

sources: JVNDB: JVNDB-2022-005075

DESCRIPTION

Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access. Intel(R) Trace Analyzer and Collector Exists in a vulnerability in handling exceptional conditions.Information may be obtained. Used to analyze Mpi behavior in parallel applications. An attacker could exploit this vulnerability to cause denial of service or information disclosure

Trust: 1.8

sources: NVD: CVE-2022-21218 // JVNDB: JVNDB-2022-005075 // VULHUB: VHN-407688 // VULMON: CVE-2022-21218

AFFECTED PRODUCTS

vendor:	intel	model:	trace analyzer and collector	scope:	lt	version:	2021.5	Trust: 1.0
vendor:	インテル	model:	intel trace analyzer and collector	scope:	eq	version:	2021.5	Trust: 0.8
vendor:	インテル	model:	intel trace analyzer and collector	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-005075 // NVD: CVE-2022-21218

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-21218
value:	MEDIUM
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2022-21218
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-21218
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202202-762
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-407688
value:	LOW
Trust: 0.1
VULMON:	CVE-2022-21218
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2022-21218
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-407688
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-21218
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	CVE-2022-21218
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-407688 // VULMON: CVE-2022-21218 // JVNDB: JVNDB-2022-005075 // CNNVD: CNNVD-202202-762 // NVD: CVE-2022-21218 // NVD: CVE-2022-21218

PROBLEMTYPE DATA

problemtype:	CWE-755	Trust: 1.1
problemtype:	Improper handling in exceptional conditions (CWE-755) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-407688 // JVNDB: JVNDB-2022-005075 // NVD: CVE-2022-21218

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202202-762

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202202-762

PATCH

title:	INTEL-SA-00639	url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00639.html	Trust: 0.8
title:	Intel Trace Analyzer and Collector Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=182195	Trust: 0.6
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-23305	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-RCE	Trust: 0.1

sources: VULMON: CVE-2022-21218 // JVNDB: JVNDB-2022-005075 // CNNVD: CNNVD-202202-762

EXTERNAL IDS

db:	NVD	id:	CVE-2022-21218	Trust: 3.4
db:	JVN	id:	JVNVU99045838	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-005075	Trust: 0.8
db:	CNNVD	id:	CNNVD-202202-762	Trust: 0.7
db:	CS-HELP	id:	SB2022020911	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.0548	Trust: 0.6
db:	VULHUB	id:	VHN-407688	Trust: 0.1
db:	VULMON	id:	CVE-2022-21218	Trust: 0.1

sources: VULHUB: VHN-407688 // VULMON: CVE-2022-21218 // JVNDB: JVNDB-2022-005075 // CNNVD: CNNVD-202202-762 // NVD: CVE-2022-21218

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00639.html	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-21218	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu99045838/	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2022020911	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0548	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/755.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/alphabugx/cve-2022-23305	Trust: 0.1

sources: VULHUB: VHN-407688 // VULMON: CVE-2022-21218 // JVNDB: JVNDB-2022-005075 // CNNVD: CNNVD-202202-762 // NVD: CVE-2022-21218

SOURCES

db:	VULHUB	id:	VHN-407688
db:	VULMON	id:	CVE-2022-21218
db:	JVNDB	id:	JVNDB-2022-005075
db:	CNNVD	id:	CNNVD-202202-762
db:	NVD	id:	CVE-2022-21218

LAST UPDATE DATE

2025-05-07T21:17:22.207000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-407688	date:	2022-02-15T00:00:00
db:	VULMON	id:	CVE-2022-21218	date:	2022-02-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-005075	date:	2023-05-17T07:30:00
db:	CNNVD	id:	CNNVD-202202-762	date:	2022-03-10T00:00:00
db:	NVD	id:	CVE-2022-21218	date:	2025-05-05T17:17:44.870

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-407688	date:	2022-02-09T00:00:00
db:	VULMON	id:	CVE-2022-21218	date:	2022-02-09T00:00:00
db:	JVNDB	id:	JVNDB-2022-005075	date:	2023-05-17T00:00:00
db:	CNNVD	id:	CNNVD-202202-762	date:	2022-02-09T00:00:00
db:	NVD	id:	CVE-2022-21218	date:	2022-02-09T23:15:18.117