CVE-2018-12161

Published: Oct 10, 2018Modified: Nov 21, 2024

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Insufficient session validation in the webserver component of the Intel Rapid Web Server 3 may allow an unauthenticated user to potentially disclose information via network access.

Affected (1)

Products: Intel: Raid Web Console

Intel

1 product

Raid Web Console

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Intel Raid Web Console	Up to 3.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00171.html

Source: secure@intel.com

MitigationVendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00171.html

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.