Insufficient Key Management in Intel Data Center Manager SDK
CVE-2019-0110

5.5MEDIUM

Key Information:

Vendor
Intel
Status
Data Center Manager
Vendor
CVE Published:
18 February 2019

Summary

Insufficient key management in the Intel Data Center Manager SDK before version 5.0.2 may expose sensitive information to authenticated users through local access, potentially compromising the security and integrity of the system. It is crucial for users to upgrade to the latest version to mitigate associated risks.

References

http://www.securityfocus.com/bid/107071
vdb-entryx_refsource_BID
https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01
x_refsource_MISC
https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.