CVE-2021-0131
MEDIUMIntel Security Library < 3.3 - Authenticated Information Disclosure via Weak PRNG
Title source: llmDescription
Use of cryptographically weak pseudo-random number generator (PRNG) in an API for the Intel(R) Security Library before version 3.3 may allow an authenticated user to potentially enable information disclosure via network access.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html
Scores
CVSS v3
6.5
EPSS
0.0081
EPSS Percentile
52.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-338
Status
published
Products (1)
intel/secl-dc
< 3.3
Published
Jun 09, 2021
Tracked Since
Feb 18, 2026