CVE-2022-21205: XEE
First published: Wed Feb 09 2022(Updated: )
Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Quartus Prime | <21.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-21205?
CVE-2022-21205 is a vulnerability in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 that may allow an unauthenticated user to potentially enable information disclosure via network access.
How severe is CVE-2022-21205?
The severity of CVE-2022-21205 is high, with a severity value of 7.5.
Which software is affected by CVE-2022-21205?
DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 is affected by CVE-2022-21205.
How can an unauthenticated user potentially enable information disclosure through CVE-2022-21205?
An unauthenticated user can potentially enable information disclosure through CVE-2022-21205 via network access.
Where can I find more information about CVE-2022-21205?
You can find more information about CVE-2022-21205 at https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00632.html.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel quartus prime