Insufficient File Protection Vulnerability in Intel Data Center Manager SDK
CVE-2019-0104

5.5MEDIUM

Key Information:

Vendor

Intel
Status
Data Center Manager
Vendor
CVE Published:
18 February 2019

What is CVE-2019-0104?

The uninstall routine for Intel Data Center Manager SDK prior to version 5.0.2 contains insufficient file protection, which may be exploited by an authenticated user to gain unauthorized access to sensitive information via local access. This vulnerability highlights the critical need for robust file protection mechanisms to secure user data against potential disclosure.

References

http://www.securityfocus.com/bid/107109
vdb-entryx_refsource_BID
https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01
x_refsource_MISC
https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.