CVE-2022-41610

Published: May 10, 2023Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC before version 2.4 software may allow an authenticated user to potentially enable denial of service via local access.

Affected (2)

Products: Intel: Endpoint Management Assistant Configuration Tool, Manageability Commander

Intel

2 products

Endpoint Management Assistant Configuration Tool

Manageability Commander

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Intel Endpoint Management Assistant Configuration Tool	Before 1.0.4
Intel Manageability Commander	Before 2.4

Related CWEs

CWE-285

Improper Authorization

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

CWE-863

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (2)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00808.html

Source: secure@intel.com

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00808.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.