CVE-2022-21225 - Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may allow an

CVE-2022-21225

Summary

Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00662.html
http://seclists.org/fulldisclosure/2022/Dec/1
http://packetstormsecurity.com/files/170180/Intel-Data-Center-Manager-4.1-SQL-Injection.html

Vulnerable Configurations

cpe:2.3:a:intel:data_center_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:data_center_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:data_center_manager:3.6.2:*:*:*:*:*:*:*
cpe:2.3:a:intel:data_center_manager:3.6.2:*:*:*:*:*:*:*

CVSS

Base:	None
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

30-01-2023 - 19:26

Published

18-08-2022 - 20:15

Last modified

30-01-2023 - 19:26