{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-22382", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "state": "PUBLISHED", "assignerShortName": "intel", "dateReserved": "2024-01-24T04:00:22.628Z", "datePublished": "2024-05-16T20:46:58.276Z", "dateUpdated": "2024-08-20T15:03:50.852Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2024-05-16T20:46:58.276Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "escalation of privilege"}, {"lang": "en", "description": "Improper Input Validation", "cweId": "CWE-20", "type": "CWE"}]}], "affected": [{"vendor": "n/a", "product": "PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products", "versions": [{"version": "See references", "status": "affected"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local access."}], "references": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}}]}, "adp": [{"affected": [{"vendor": "intel", "product": "server_system_d50tnp2mhsvac_firmware", "cpes": ["cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-05-17T13:02:06.562888Z", "id": "CVE-2024-22382", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-20T15:03:50.852Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:43:34.710Z"}, "title": "CVE Program Container", "references": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:43:34.710Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-22382", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-17T13:02:06.562888Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:-:*:*:*:*:*:*:*"], "vendor": "intel", "product": "server_system_d50tnp2mhsvac_firmware", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-03T14:22:30.883Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "n/a", "product": "PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products", "versions": [{"status": "affected", "version": "See references"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html"}], "descriptions": [{"lang": "en", "value": "Improper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local access."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "escalation of privilege"}, {"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "Improper Input Validation"}]}], "providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2024-05-16T20:46:58.276Z"}}}, "cveMetadata": {"cveId": "CVE-2024-22382", "state": "PUBLISHED", "dateUpdated": "2024-08-20T15:03:50.852Z", "dateReserved": "2024-01-24T04:00:22.628Z", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "datePublished": "2024-05-16T20:46:58.276Z", "assignerShortName": "intel"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Improper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local access."}, {"lang": "es", "value": "La validaci\u00f3n de entrada incorrecta en el m\u00f3dulo PprRequestLog en el firmware UEFI para algunos productos de la familia Intel(R) Server D50DNP puede permitir que un usuario privilegiado habilite la escalada de privilegios a trav\u00e9s del acceso local."}], "id": "CVE-2024-22382", "lastModified": "2024-11-21T08:56:09.747", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 6.0, "source": "secure@intel.com", "type": "Secondary"}]}, "published": "2024-05-16T21:16:06.760", "references": [{"source": "secure@intel.com", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "secure@intel.com", "type": "Secondary"}]}

{}