CVE-2022-26844

{"id": "CVE-2022-26844", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2022-08-18T20:15:11.087", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00701.html", "tags": ["Vendor Advisory"], "source": "secure@intel.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-522"}]}], "descriptions": [{"lang": "en", "value": "Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may allow an authenticated user to potentially enable escalation of privilege via local access."}, {"lang": "es", "value": "Unas credenciales insuficientemente protegidas en los binarios de instalaci\u00f3n para Intel(R) SEAPI en todas las versiones pueden permitir que un usuario autenticado permita potencialmente una escalada de privilegios por medio de acceso local."}], "lastModified": "2022-08-22T13:12:04.377", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intel:single_event_api:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3C612A2-DFBC-4592-80DF-3C8609E0B832"}], "operator": "OR"}]}], "sourceIdentifier": "secure@intel.com"}