CVE-2022-43456
11.08.2023, 03:15
Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| intel | rapid_storage_technology | 16.0 ≤ 𝑥 < 16.8.5.1014.5 |
| intel | rapid_storage_technology | 17.0 ≤ 𝑥 < 17.11.3.1010.2 |
| intel | rapid_storage_technology | 18.0 ≤ 𝑥 < 18.7.6.1011.2 |
| intel | rapid_storage_technology | 19.0 ≤ 𝑥 < 19.5.2.1049.5 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| intel_rst_software | intel_rst_software | 𝑥 < 16.8.5.1014.5 | ADP |
| intel_rst_software | intel_rst_software | 𝑥 < 17.11.3.1010.2 | ADP |
| intel_rst_software | intel_rst_software | 𝑥 < 18.7.6.1011.2 | ADP |
| intel_rst_software | intel_rst_software | 𝑥 < 19.5.2.1049.5 | ADP |
Common Weakness Enumeration
- CWE-427 - Uncontrolled Search Path ElementThe product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
- CWE-426 - Untrusted Search PathThe application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.