Information Disclosure Vulnerability in Intel Trace Analyzer and Collector
CVE-2022-21218

5.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Trace Analyzer And Collector
Vendor: CVE Published:; 9 February 2022

Summary

An information disclosure vulnerability exists in Intel Trace Analyzer and Collector prior to version 2021.5. An authenticated user could exploit this vulnerability through local access, potentially revealing sensitive information due to an uncaught exception. This could allow unauthorized retrieval of data, posing risks to user privacy and security.

Affected Version(s)

Intel(R) Trace Analyzer and Collector before version 2021.5

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 9, 2022
Vulnerability Reserved
Nov 30, 2021