Improper Permissions in Intel Data Center Manager Console
CVE-2020-12345

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Data Center Manager Console
Vendor: CVE Published:; 12 November 2020

What is CVE-2020-12345?

The Intel Data Center Manager Console exhibits improper permission settings during its installation process. This flaw could allow an authenticated user to potentially leverage local access to escalate privileges, leading to unintended access to sensitive functions within the application. Organizations using versions prior to 3.6.2 are advised to apply the latest updates to mitigate the associated risks.

Affected Version(s)

Intel(R) Data Center Manager Console before version 3.6.2

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2020
Vulnerability Reserved
Apr 28, 2020