Base Score

LOW3.3

CVE-2023-48727

NULL pointer dereference in some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable information disclosure via local access.

VectorLOCAL

Published Bysecure@intel.com

Published DateMay 16, 2024, 21:16

Weakness Type (CWE):CWE-395

CVSS Metrics

Base Score

3.3

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Base Severity

LOW

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

LOW

Integrity (I)

NONE

Availability (A)

NONE

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html

Base Score

LOW3.3

Weakness Type (CWE):CWE-395

CVSS Metrics

Base Score

3.3

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Base Severity

LOW

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

LOW

Integrity (I)

NONE

Availability (A)

NONE