CVE-2022-26083

Summary

Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access.

Affected Software

VendorProductVersion RangeStatus
n/aIntel(R) IPP Cryptography software librarybefore version 2021.5affected

Weaknesses

  • Information Disclosure
  • CWE-1204: Generation of Weak Initialization Vector (IV)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References