Improper Access Control in Intel RAID Web Console Software
CVE-2024-34543

7.8HIGH

Key Information:

Vendor: Intel
Status: Raid Web Console
Vendor: CVE Published:; 16 September 2024

What is CVE-2024-34543?

The vulnerability identified in Intel RAID Web Console software stems from improper access control mechanisms, which may permit an authenticated user to exploit local access to elevate privileges. This poses significant risks as it can allow unauthorized actions within the system, potentially leading to data breaches or system compromise. Organizations using this software are encouraged to review their access control protocols to mitigate the risk associated with this vulnerability.

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2024