CVE-2024-28885

MEDIUM

Intel(R) QAT Engine <v1.6.1 - Info Disclosure

Title source: llm
STIX 2.1

Description

Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access.

References (1)

Scores

CVSS v3 5.9
EPSS 0.0007
EPSS Percentile 20.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-203
Status published
Products (1)
n/a/Intel(R) QAT Engine for OpenSSL software before version v1.6.1
Published Nov 13, 2024
Tracked Since Feb 18, 2026