CVE-2020-24454
HIGHIntel(R) Quartus(R) Prime <20.3-20.2 - Info Disclosure
Title source: llmDescription
Improper Restriction of XML External Entity Reference in subsystem forIntel(R) Quartus(R) Prime Pro Edition before version 20.3 and Intel(R) Quartus(R) Prime Standard Edition before version 20.2 may allow unauthenticated user to potentially enable information disclosure via network access.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00446
Scores
CVSS v3
7.5
EPSS
0.0039
EPSS Percentile
60.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-611
Status
published
Products (2)
intel/quartus_prime
< 20.1
intel/quartus_prime
< 20.3
Published
Nov 12, 2020
Tracked Since
Feb 18, 2026