Details of VAR-202211-0704

ID

VAR-202211-0704

CVE

CVE-2022-27638

TITLE

Intel Advanced Link Analyzer Pro Code problem vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202211-2618

DESCRIPTION

Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may allow an authenticated user to potentially enable escalation of privilege via local access

Trust: 0.99

sources: NVD: CVE-2022-27638 // VULHUB: VHN-419880

AFFECTED PRODUCTS

vendor:	intel	model:	advanced link analyzer	scope:	lt	version:	22.1.1	Trust: 1.0
vendor:	intel	model:	advanced link analyzer	scope:	lt	version:	22.2	Trust: 1.0

sources: NVD: CVE-2022-27638

CVSS

SEVERITY

CVSSV2

CVSSV3

secure@intel.com:	CVE-2022-27638
value:	MEDIUM
Trust: 1.0
nvd@nist.gov:	CVE-2022-27638
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-202211-2618
value:	HIGH
Trust: 0.6

secure@intel.com:	CVE-2022-27638
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2022-27638
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: CNNVD: CNNVD-202211-2618 // NVD: CVE-2022-27638 // NVD: CVE-2022-27638

PROBLEMTYPE DATA

problemtype:

CWE-427

Trust: 1.1

sources: VULHUB: VHN-419880 // NVD: CVE-2022-27638

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202211-2618

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202211-2618

PATCH

title:

Intel Advanced Link Analyzer Pro Fixes for code issue vulnerabilities

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=214665

Trust: 0.6

sources: CNNVD: CNNVD-202211-2618

EXTERNAL IDS

db:	NVD	id:	CVE-2022-27638	Trust: 1.7
db:	AUSCERT	id:	ESB-2022.5842	Trust: 0.6
db:	CNNVD	id:	CNNVD-202211-2618	Trust: 0.6
db:	VULHUB	id:	VHN-419880	Trust: 0.1

sources: VULHUB: VHN-419880 // CNNVD: CNNVD-202211-2618 // NVD: CVE-2022-27638

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00715.html	Trust: 1.7
url:	https://cxsecurity.com/cveshow/cve-2022-27638/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5842	Trust: 0.6

sources: VULHUB: VHN-419880 // CNNVD: CNNVD-202211-2618 // NVD: CVE-2022-27638

SOURCES

db:	VULHUB	id:	VHN-419880
db:	CNNVD	id:	CNNVD-202211-2618
db:	NVD	id:	CVE-2022-27638

LAST UPDATE DATE

2025-02-06T22:53:53.210000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-419880	date:	2022-11-17T00:00:00
db:	CNNVD	id:	CNNVD-202211-2618	date:	2022-11-18T00:00:00
db:	NVD	id:	CVE-2022-27638	date:	2025-02-05T21:15:16.537

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-419880	date:	2022-11-11T00:00:00
db:	CNNVD	id:	CNNVD-202211-2618	date:	2022-11-11T00:00:00
db:	NVD	id:	CVE-2022-27638	date:	2022-11-11T16:15:13.627