Insufficient Credential Protection in Intel EMA Software
CVE-2020-12316

5.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Ema
Vendor: CVE Published:; 12 November 2020

What is CVE-2020-12316?

The Intel EMA software prior to version 1.3.3 is affected by vulnerabilities due to insufficiently protected credentials, potentially allowing an authorized user to gain unauthorized access and disclose sensitive information via local methods. This exposes critical data and can lead to further exploitation if not promptly addressed.

Affected Version(s)

Intel(R) EMA before version 1.3.3

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2020
Vulnerability Reserved
Apr 28, 2020