CVE-2024-36284 MEDIUM

CVE-2024-36284

Vendor N/A
Product Intel(R) Neural Compressor software
Weakness CWE-20 · Input validation
Published November 13, 2024
Last update November 13, 2024

CVSS base score

5.5/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

Improper input validation in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

Key dates

02Disclosure timeline

November 13, 2024 CVE published
November 13, 2024 Record updated