Insufficient Run Protection Vulnerability in Intel Data Center Manager SDK
CVE-2019-0106

6.7MEDIUM

Key Information:

Vendor
Intel
Status
Data Center Manager
Vendor
CVE Published:
18 February 2019

Summary

The Intel Data Center Manager SDK, prior to version 5.0.2, suffers from an insufficient run protection issue during its installation routine. This vulnerability could allow a privileged user with local access to exploit the system, potentially leading to an escalation of privilege. Effective mitigation strategies and updates are essential to enhance security and prevent unauthorized access.

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01
x_refsource_MISC
https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/107069
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.