Insecure Storage of Sensitive Information

CVE-2022-44619

High

8.2/10

Summary

Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: REQUIRED
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-922 - Insecure Storage of Sensitive Information

The software stores sensitive information without properly limiting read or write access by unauthorized actors.

References

Advisory Timeline

Published May 10, 2023

Insecure Storage of Sensitive Information

CVE-2022-44619

Summary

CWE-922 - Insecure Storage of Sensitive Information

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS