CVE-2023-22290

2023-11-1419:15:16

CWE-248

CWE-754

[email protected]

web.nvd.nist.gov

cve-2023-22290

intel unison software

network access

denial of service

authenticated user

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

13.3%

JSON

Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable denial of service via network access.

Affected configurations

Nvd

Node

intelunison_softwareRange<20.14.5683.0

AND

microsoftwindowsMatch-

Node

intelunison_softwareRange<20.14.4244

AND

googleandroidMatch-

Node

intelunison_softwareRange<20.14.2.3053

AND

appleiphone_osMatch-

VendorProductVersionCPE
intelunison_software*cpe:2.3:a:intel:unison_software:*:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
googleandroid-cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
appleiphone_os-cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	unison_software	*	cpe:2.3:a:intel:unison_software::::::::
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
google	android	-	cpe:2.3:o:google:android:-:::::::*
apple	iphone_os	-	cpe:2.3:o:apple:iphone_os:-:::::::*