CVE-2024-34153

Published: Sep 16, 2024Modified: Sep 23, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Uncontrolled search path element in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected (1)

Products: Intel: Raid Web Console

Intel

1 product

Raid Web Console

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Intel Raid Web Console	All versions

Related CWEs

CWE-427

Uncontrolled Search Path Element

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

References (1)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00926.html

Source: secure@intel.com

Vendor Advisory

Timeline

No history available yet.