CVE-2024-22374

Insufficient control flow management for some Intel(R) Xeon Processors may allow an authenticated user to potentially enable denial of service via local access.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.0 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01073.html

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) La gestión insuficiente del flujo de control para algunos procesadores Intel(R) Xeon puede permitir que un usuario autenticado potencialmente habilite la denegación de servicio a través del acceso local.

14 Aug 2024, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-14 14:15

Updated : 2026-04-15 00:35

NVD link : CVE-2024-22374

Mitre link : CVE-2024-22374

CVE.ORG link : CVE-2024-22374

JSON object : View

Products Affected

No product.

CWE

CWE-691

Insufficient Control Flow Management

{"id": "CVE-2024-22374", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secure@intel.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.0}], "cvssMetricV40": [{"type": "Secondary", "source": "secure@intel.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.8, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2024-08-14T14:15:18.100", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01073.html", "source": "secure@intel.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "secure@intel.com", "description": [{"lang": "en", "value": "CWE-691"}]}], "descriptions": [{"lang": "en", "value": "Insufficient control flow management for some Intel(R) Xeon Processors may allow an authenticated user to potentially enable denial of service via local access."}, {"lang": "es", "value": "La gesti\u00f3n insuficiente del flujo de control para algunos procesadores Intel(R) Xeon puede permitir que un usuario autenticado potencialmente habilite la denegaci\u00f3n de servicio a trav\u00e9s del acceso local."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "secure@intel.com"}