CVE-2022-21156
First published: Wed Feb 09 2022(Updated: )
Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Trace Analyzer and Collector | <2021.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-21156?
CVE-2022-21156 refers to the vulnerability in the Intel(R) Trace Analyzer and Collector software before version 2021.5 that allows an authenticated user to potentially enable denial of service through local access.
What is the severity of CVE-2022-21156?
The severity of CVE-2022-21156 is medium with a CVSS severity score of 5.5.
How can an attacker exploit CVE-2022-21156?
An attacker can exploit CVE-2022-21156 by gaining authenticated access to the vulnerable Intel(R) Trace Analyzer and Collector software and potentially causing a denial of service.
Is there a fix for CVE-2022-21156?
Yes, the fix for CVE-2022-21156 is to upgrade the Intel(R) Trace Analyzer and Collector software to version 2021.5 or later.
Where can I find more information about CVE-2022-21156?
You can find more information about CVE-2022-21156 in the Intel Security Advisory SA-00639 at the following link: [Intel-SA-00639](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00639.html)
- collector/nvd-index
- agent/type
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel trace analyzer and collector