CVE-2022-21793
Last modified
CVE-2022-21793 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to potentially enable a denial of service via local access.. EPSS estimates a 0.19% chance of exploitation in the next 30 days.
Description
Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to potentially enable a denial of service via local access.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Ixgben | < 1.11.4.0 |
| Vmware | I40en | < 2.1.5.0 |
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00650.htmlPatch, Vendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00650.htmlPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-21793?
How severe is CVE-2022-21793?
How do I fix CVE-2022-21793?
Are you affected by CVE-2022-21793?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST