CVE-2019-0105

Published: Feb 18, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access.

Affected (1)

Products: Intel: Data Center Manager

Intel

1 product

Data Center Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Intel Data Center Manager	Before 5.0.2

Related CWEs

CWE-863

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (6)

http://www.securityfocus.com/bid/107069

Source: secure@intel.com

Third Party AdvisoryVDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01

Source: secure@intel.com

MitigationThird Party AdvisoryUS Government Resource

https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html

Source: secure@intel.com

Vendor Advisory

http://www.securityfocus.com/bid/107069

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationThird Party AdvisoryUS Government Resource

https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.