{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-27187","assignerOrgId":"6dda929c-bb53-4a77-a76d-48e79601a1ce","state":"PUBLISHED","assignerShortName":"intel","requesterUserId":"524a9a6b-3515-4b97-ab85-1a9a79493852","dateReserved":"2022-04-05T15:11:17.474Z","datePublished":"2022-11-11T15:48:42.269Z","dateUpdated":"2025-02-05T20:52:35.658Z"},"containers":{"cna":{"providerMetadata":{"orgId":"6dda929c-bb53-4a77-a76d-48e79601a1ce","shortName":"intel","dateUpdated":"2023-02-07T04:31:45.250Z"},"problemTypes":[{"descriptions":[{"lang":"en","description":"escalation of privilege"}]}],"affected":[{"vendor":"n/a","product":"Intel(R) Quartus Prime Standard edition software","versions":[{"version":"before version 21.1 Patch 0.02std","status":"affected"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access."}],"references":[{"name":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","baseScore":6.7,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T05:25:31.018Z"},"title":"CVE Program Container","references":[{"name":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-427","lang":"en","description":"CWE-427 Uncontrolled Search Path Element"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-01-29T20:41:30.350318Z","id":"CVE-2022-27187","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-02-05T20:52:35.658Z"}}]}}