Sign-up

ID

VAR-202302-1471


CVE

CVE-2022-33892


TITLE

Intel's  Quartus Prime  Past traversal vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-019749

DESCRIPTION

Path traversal in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. Intel's Quartus Prime Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-33892 // JVNDB: JVNDB-2022-019749 // VULHUB: VHN-426205 // VULMON: CVE-2022-33892

AFFECTED PRODUCTS

vendor:intelmodel:quartus primescope:ltversion:22.1

Trust: 1.0

vendor:intelmodel:quartus primescope:ltversion:22.2

Trust: 1.0

vendor:インテルmodel:quartus primescope:eqversion:22.2

Trust: 0.8

vendor:インテルmodel:quartus primescope: - version: -

Trust: 0.8

vendor:インテルmodel:quartus primescope:eqversion:22.1

Trust: 0.8

vendor:インテルmodel:quartus primescope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-019749 // NVD: CVE-2022-33892

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-33892
value: HIGH

Trust: 1.0

secure@intel.com: CVE-2022-33892
value: HIGH

Trust: 1.0

NVD: CVE-2022-33892
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202302-1385
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-33892
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

secure@intel.com: CVE-2022-33892
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.3
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-33892
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-019749 // CNNVD: CNNVD-202302-1385 // NVD: CVE-2022-33892 // NVD: CVE-2022-33892

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.1

problemtype:Path traversal (CWE-22) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-426205 // JVNDB: JVNDB-2022-019749 // NVD: CVE-2022-33892

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202302-1385

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202302-1385

PATCH

title:Intel Quartus Prime Pro Repair measures for path traversal vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=226962

Trust: 0.6

title: - url:https://github.com/Live-Hack-CVE/CVE-2022-33892

Trust: 0.1

sources: VULMON: CVE-2022-33892 // CNNVD: CNNVD-202302-1385

EXTERNAL IDS

db:NVDid:CVE-2022-33892

Trust: 3.4

db:JVNid:JVNVU91223897

Trust: 0.8

db:JVNDBid:JVNDB-2022-019749

Trust: 0.8

db:CNNVDid:CNNVD-202302-1385

Trust: 0.6

db:VULHUBid:VHN-426205

Trust: 0.1

db:VULMONid:CVE-2022-33892

Trust: 0.1

sources: VULHUB: VHN-426205 // VULMON: CVE-2022-33892 // JVNDB: JVNDB-2022-019749 // CNNVD: CNNVD-202302-1385 // NVD: CVE-2022-33892

REFERENCES

url:http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00714.html

Trust: 2.6

url:https://jvn.jp/vu/jvnvu91223897/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-33892

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-33892/

Trust: 0.6

url:https://github.com/live-hack-cve/cve-2022-33892

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-426205 // VULMON: CVE-2022-33892 // JVNDB: JVNDB-2022-019749 // CNNVD: CNNVD-202302-1385 // NVD: CVE-2022-33892

SOURCES

db:VULHUBid:VHN-426205
db:VULMONid:CVE-2022-33892
db:JVNDBid:JVNDB-2022-019749
db:CNNVDid:CNNVD-202302-1385
db:NVDid:CVE-2022-33892

LAST UPDATE DATE

2024-08-14T12:34:06.016000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-426205date:2023-02-27T00:00:00
db:VULMONid:CVE-2022-33892date:2023-02-17T00:00:00
db:JVNDBid:JVNDB-2022-019749date:2023-10-27T05:52:00
db:CNNVDid:CNNVD-202302-1385date:2023-02-28T00:00:00
db:NVDid:CVE-2022-33892date:2023-02-27T17:20:29.733

SOURCES RELEASE DATE

db:VULHUBid:VHN-426205date:2023-02-16T00:00:00
db:VULMONid:CVE-2022-33892date:2023-02-16T00:00:00
db:JVNDBid:JVNDB-2022-019749date:2023-10-27T00:00:00
db:CNNVDid:CNNVD-202302-1385date:2023-02-16T00:00:00
db:NVDid:CVE-2022-33892date:2023-02-16T20:15:14.477