CVE-2019-0135

Published: Mar 14, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an authenticated user to potentially enable escalation of privilege via local access. L-SA-00206

Affected (5)

Products: Intel: Rapid Storage Technology Enterprise · Lenovo: Thinkstation P520 Firmware, Thinkstation P520c Firmware, Thinkstation P720 Firmware, Thinkstation P920 Firmware

Intel

1 product

Rapid Storage Technology Enterprise

Lenovo

4 products

Thinkstation P520 Firmware

Thinkstation P520c Firmware

Thinkstation P720 Firmware

Thinkstation P920 Firmware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Intel Rapid Storage Technology Enterprise	Before 5.5.0.2015

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Thinkstation P520 Firmware	All versions

Running on/with	Platform Versions
Lenovo Thinkstation P520	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Thinkstation P520c Firmware	All versions

Running on/with	Platform Versions
Lenovo Thinkstation P520c	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Thinkstation P720 Firmware	All versions

Running on/with	Platform Versions
Lenovo Thinkstation P720	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Thinkstation P920 Firmware	All versions

Running on/with	Platform Versions
Lenovo Thinkstation P920	All versions

Related CWEs

CWE-264

References (4)

https://support.lenovo.com/us/en/product_security/LEN-27843

Source: secure@intel.com

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00231.html

Source: secure@intel.com

Vendor Advisory

https://support.lenovo.com/us/en/product_security/LEN-27843

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00231.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.