CVE-2023-22447

Summary

Insertion of sensitive information into log file in the Open CAS software for Linux maintained by Intel before version 22.6.2 may allow a privileged user to potentially enable information disclosure via local access.

Affected Software

VendorProductVersion RangeStatus
n/aOpen CAS software for Linux maintained by Intelbefore version 22.6.2affected

Weaknesses

  • information disclosure
  • CWE-532: Insertion of sensitive information into log file

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References