SB2022081127 - Multiple vulnerabilities in Intel Data Center Manager

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022081127

SB2022081127 - Multiple vulnerabilities in Intel Data Center Manager

Published: August 11, 2022

Security Bulletin ID SB2022081127
Severity
Medium
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Adjecent network
Highest impact Code execution

Breakdown by Severity

Medium 25% Low 75%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Improper access control (CVE-ID: CVE-2022-21225)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote user on the local network can bypass implemented security restrictions and gain elevated privileges on the system.


2) Improper access control (CVE-ID: CVE-2022-23182)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote attacker on the local network can bypass implemented security restrictions and gain elevated privileges on the system.


3) Improper Initialization (CVE-ID: CVE-2022-24378)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization. A local user can run a specially crafted application cause a denial of service condition on the target system.


4) Input validation error (CVE-ID: CVE-2022-23403)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References