CVE-2022-30296

{"id": "CVE-2022-30296", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-08-18T20:15:11.400", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00703.html", "tags": ["Vendor Advisory"], "source": "secure@intel.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-522"}]}], "descriptions": [{"lang": "en", "value": "Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may allow an unauthenticated user to potentially enable information disclosure via network access."}, {"lang": "es", "value": "Unas credenciales insuficientemente protegidas en la aplicaci\u00f3n Intel(R) Datacenter Group Event iOS, en todas sus versiones, pueden permitir que un usuario no autenticado permita potencialmente la divulgaci\u00f3n de informaci\u00f3n por medio del acceso a la red."}], "lastModified": "2022-08-22T13:55:41.900", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intel:datacenter_group_event:*:*:*:*:*:iphone_os:*:*", "vulnerable": true, "matchCriteriaId": "10EF98F9-CFB9-481E-82E6-C1E6F6293B77"}], "operator": "OR"}]}], "sourceIdentifier": "secure@intel.com"}