Sign-up

ID

VAR-202208-0823


CVE

CVE-2022-26844


TITLE

Intel's  single event api  Vulnerability regarding insufficient protection of authentication information in

Trust: 0.8

sources: JVNDB: JVNDB-2022-015172

DESCRIPTION

Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may allow an authenticated user to potentially enable escalation of privilege via local access. Intel's single event api There are vulnerabilities in inadequate protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-26844 // JVNDB: JVNDB-2022-015172 // VULHUB: VHN-419858

AFFECTED PRODUCTS

vendor:intelmodel:single event apiscope:eqversion: -

Trust: 1.0

vendor:インテルmodel:single event apiscope:eqversion: -

Trust: 0.8

vendor:インテルmodel:single event apiscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-015172 // NVD: CVE-2022-26844

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-26844
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2022-26844
value: HIGH

Trust: 1.0

NVD: CVE-2022-26844
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202208-2708
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-26844
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2022-26844
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-015172 // CNNVD: CNNVD-202208-2708 // NVD: CVE-2022-26844 // NVD: CVE-2022-26844

PROBLEMTYPE DATA

problemtype:CWE-522

Trust: 1.1

problemtype:Inadequate protection of credentials (CWE-522) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-419858 // JVNDB: JVNDB-2022-015172 // NVD: CVE-2022-26844

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-2708

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-2708

PATCH

title:Intel Single Event API Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=205192

Trust: 0.6

sources: CNNVD: CNNVD-202208-2708

EXTERNAL IDS

db:NVDid:CVE-2022-26844

Trust: 3.3

db:JVNid:JVNVU99494206

Trust: 0.8

db:JVNDBid:JVNDB-2022-015172

Trust: 0.8

db:AUSCERTid:ESB-2022.3957

Trust: 0.6

db:CNNVDid:CNNVD-202208-2708

Trust: 0.6

db:VULHUBid:VHN-419858

Trust: 0.1

sources: VULHUB: VHN-419858 // JVNDB: JVNDB-2022-015172 // CNNVD: CNNVD-202208-2708 // NVD: CVE-2022-26844

REFERENCES

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00701.html

Trust: 2.5

url:https://jvn.jp/vu/jvnvu99494206/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-26844

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2022.3957

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-26844/

Trust: 0.6

sources: VULHUB: VHN-419858 // JVNDB: JVNDB-2022-015172 // CNNVD: CNNVD-202208-2708 // NVD: CVE-2022-26844

SOURCES

db:VULHUBid:VHN-419858
db:JVNDBid:JVNDB-2022-015172
db:CNNVDid:CNNVD-202208-2708
db:NVDid:CVE-2022-26844

LAST UPDATE DATE

2025-02-26T19:35:40.203000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-419858date:2022-08-22T00:00:00
db:JVNDBid:JVNDB-2022-015172date:2023-09-25T08:45:00
db:CNNVDid:CNNVD-202208-2708date:2022-08-23T00:00:00
db:NVDid:CVE-2022-26844date:2025-02-25T18:15:25.827

SOURCES RELEASE DATE

db:VULHUBid:VHN-419858date:2022-08-18T00:00:00
db:JVNDBid:JVNDB-2022-015172date:2023-09-25T00:00:00
db:CNNVDid:CNNVD-202208-2708date:2022-08-10T00:00:00
db:NVDid:CVE-2022-26844date:2022-08-18T20:15:11.087