Insufficient Password Protection in Open CIT by Intel
CVE-2019-0178

3.6LOW

Key Information:

Vendor: Intel
Status: Open Cloud Integrity Technology And Openattestation
Vendor: CVE Published:; 13 June 2019

Summary

The vulnerability arises from inadequate password protection in the attestation database of Open CIT, potentially allowing an authenticated user to access sensitive information through local means. This flaw underscores the importance of robust password management practices in securing user data.

Affected Version(s)

Open Cloud Integrity Technology and OpenAttestation All versions of Open CIT and OpenAttestation.

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.6

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 13, 2019
Vulnerability Reserved
Nov 13, 2018