Information Disclosure Vulnerability in Open CIT by Intel
CVE-2019-0181

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Open Cloud Integrity Technology And Openattestation
Vendor: CVE Published:; 13 June 2019

What is CVE-2019-0181?

The vulnerability arises from insufficient password protection in the attestation database for Open CIT. This flaw may allow an authenticated user to access sensitive information through local means, posing risks to data security and user privacy.

Affected Version(s)

Open Cloud Integrity Technology and OpenAttestation All versions of Open CIT and OpenAttestation.

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 13, 2019
Vulnerability Reserved
Nov 13, 2018