Insufficient Control Flow Management

CVE-2024-33617

High

8.2/10

Summary

Insufficient control flow management in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access.

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-691 - Insufficient Control Flow Management

The code does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.

References

Advisory Timeline

Published Nov 13, 2024

Insufficient Control Flow Management

CVE-2024-33617

Summary

CWE-691 - Insufficient Control Flow Management

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS