CVE-2025-24313

State: PUBLISHED · Published: 2025-08-12 · Updated: 2025-08-13 · Assigner: intel

Description

Improper access control for some Device Plugins for Kubernetes software maintained by Intel before version 0.32.0 may allow a privileged user to potentially enable denial of service via local access.

CWE

CWE-284 — Improper Access Control

Affected

n/a / Device Plugins for Kubernetes software maintained by Intel — v=before version 0.32.0 [affected]

CVSS

4.0 score=6.7 severity=MEDIUM CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3.1 score=4.4 severity=MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01329.html

Source

cvelistV5-main/cves/2025/24xxx/CVE-2025-24313.json