Details of VAR-202302-1397

ID

VAR-202302-1397

CVE

CVE-2022-33902

TITLE

Intel's Quartus Prime Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-019748

DESCRIPTION

Insufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. Intel's Quartus Prime Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-33902 // JVNDB: JVNDB-2022-019748 // VULHUB: VHN-426207 // VULMON: CVE-2022-33902

AFFECTED PRODUCTS

vendor:	intel	model:	quartus prime	scope:	lt	version:	22.1	Trust: 1.0
vendor:	intel	model:	quartus prime	scope:	lt	version:	22.2	Trust: 1.0
vendor:	インテル	model:	quartus prime	scope:	eq	version:	22.2	Trust: 0.8
vendor:	インテル	model:	quartus prime	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	quartus prime	scope:	eq	version:	22.1	Trust: 0.8
vendor:	インテル	model:	quartus prime	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-019748 // NVD: CVE-2022-33902

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-33902
value:	HIGH
Trust: 1.0
secure@intel.com:	CVE-2022-33902
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-33902
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202302-1384
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-33902
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
secure@intel.com:	CVE-2022-33902
baseSeverity:	HIGH
baseScore:	7.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.3
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2022-33902
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-019748 // CNNVD: CNNVD-202302-1384 // NVD: CVE-2022-33902 // NVD: CVE-2022-33902

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-019748 // NVD: CVE-2022-33902

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202302-1384

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202302-1384

PATCH

title:

Intel Quartus Prime Pro Security vulnerabilities

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=226961

Trust: 0.6

sources: CNNVD: CNNVD-202302-1384

EXTERNAL IDS

db:	NVD	id:	CVE-2022-33902	Trust: 3.4
db:	JVN	id:	JVNVU91223897	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-019748	Trust: 0.8
db:	CNNVD	id:	CNNVD-202302-1384	Trust: 0.6
db:	VULHUB	id:	VHN-426207	Trust: 0.1
db:	VULMON	id:	CVE-2022-33902	Trust: 0.1

sources: VULHUB: VHN-426207 // VULMON: CVE-2022-33902 // JVNDB: JVNDB-2022-019748 // CNNVD: CNNVD-202302-1384 // NVD: CVE-2022-33902

REFERENCES

url:	http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00714.html	Trust: 2.6
url:	https://jvn.jp/vu/jvnvu91223897/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-33902	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-33902/	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-426207 // VULMON: CVE-2022-33902 // JVNDB: JVNDB-2022-019748 // CNNVD: CNNVD-202302-1384 // NVD: CVE-2022-33902

SOURCES

db:	VULHUB	id:	VHN-426207
db:	VULMON	id:	CVE-2022-33902
db:	JVNDB	id:	JVNDB-2022-019748
db:	CNNVD	id:	CNNVD-202302-1384
db:	NVD	id:	CVE-2022-33902

LAST UPDATE DATE

2024-08-14T12:30:13.603000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-426207	date:	2023-02-27T00:00:00
db:	VULMON	id:	CVE-2022-33902	date:	2023-02-17T00:00:00
db:	JVNDB	id:	JVNDB-2022-019748	date:	2023-10-27T05:51:00
db:	CNNVD	id:	CNNVD-202302-1384	date:	2023-02-28T00:00:00
db:	NVD	id:	CVE-2022-33902	date:	2023-02-27T16:41:26.047

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-426207	date:	2023-02-16T00:00:00
db:	VULMON	id:	CVE-2022-33902	date:	2023-02-16T00:00:00
db:	JVNDB	id:	JVNDB-2022-019748	date:	2023-10-27T00:00:00
db:	CNNVD	id:	CNNVD-202302-1384	date:	2023-02-16T00:00:00
db:	NVD	id:	CVE-2022-33902	date:	2023-02-16T20:15:14.540