CVE-2022-29507

{"id": "CVE-2022-29507", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2022-08-18T20:15:11.313", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00705.html", "tags": ["Vendor Advisory"], "source": "secure@intel.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-522"}]}], "descriptions": [{"lang": "en", "value": "Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions may allow an authenticated user to potentially enable information disclosure via local access."}, {"lang": "es", "value": "Unas credenciales insuficientemente protegidas en la aplicaci\u00f3n m\u00f3vil Intel(R) Team Blue en todas las versiones pueden permitir que un usuario autenticado permita potencialmente la divulgaci\u00f3n de informaci\u00f3n por medio de acceso local."}], "lastModified": "2022-08-22T14:48:13.487", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intel:team_blue:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD10C88C-96F5-4230-A559-FD5A974CA52B"}], "operator": "OR"}]}], "sourceIdentifier": "secure@intel.com"}