Escalation of Privilege Vulnerability in Intel Data Center Manager Software
CVE-2022-21225

8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Data Center Manager Software
Vendor: CVE Published:; 18 August 2022

Summary

A vulnerability exists in Intel Data Center Manager software versions prior to 4.1 due to improper neutralization of input. This flaw could allow an authenticated user to exploit SQL injection, enabling potential escalation of privilege through adjacent access. Attackers could leverage this issue to gain unauthorized access to sensitive resources or execute privileged operations that compromise the integrity of the system.

Affected Version(s)

Intel(R) Data Center Manager software before version 4.1

References

https://www.intel.com/content/www/us/en/security-center/a...

http://seclists.org/fulldisclosure/2022/Dec/1

mailing-list

http://packetstormsecurity.com/files/170180/Intel-Data-Ce...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 18, 2022
Vulnerability Reserved
Feb 18, 2022