cvelistv5 - CVE-2019-11117

CVE-2019-11117 (GCVE-0-2019-11117)

Vulnerability from cvelistv5

Published

2019-06-13 15:36

Modified

2024-08-04 22:48

Severity ?

CWE

Escalation of Privilege

Summary

References

URL

	Vendor	Product	Version
	n/a	Intel(R) Omni-Path Fabric Manager GUI	Version: Version before 10.9.2.1.1

ghsa-gr24-m2h5-6j5g

Vulnerability from github

Published

2022-05-24 16:47

Modified

2023-03-02 18:30

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-11117"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-06-13T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack.",
  "id": "GHSA-gr24-m2h5-6j5g",
  "modified": "2023-03-02T18:30:31Z",
  "published": "2022-05-24T16:47:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11117"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108788"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2019-11117

Vulnerability from fkie_nvd

Published

2019-06-13 16:29

Modified

2024-11-21 04:20

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secure@intel.com	http://www.securityfocus.com/bid/108788	Broken Link, Third Party Advisory, VDB Entry
secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/in	Vendor Advisory
nvd@nist.gov	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108788	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/in	Vendor Advisory

Impacted products

	Vendor	Product	Version
	intel	omni-path_fabric_manager_gui	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:omni-path_fabric_manager_gui:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BFF4E88-F723-4755-A58D-BC3F381C2BC3",
              "versionEndExcluding": "10.9.2.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack."
    },
    {
      "lang": "es",
      "value": "Los permisos inapropiados en el instalador para la GUI de Omni-Path Fabric Manager de Intel\u00ae anterior a versi\u00f3n 10.9.2.1.1, pueden permitir que un usuario autenticado habilite potencialmente la escalada de privilegios por medio de un ataque local."
    }
  ],
  "id": "CVE-2019-11117",
  "lastModified": "2024-11-21T04:20:33.943",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-13T16:29:01.293",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108788"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108788"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2019-11117

Vulnerability from gsd

Modified

2023-12-13 01:24

Details

Aliases

CVE-2019-11117

Aliases

CVE-2019-11117

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-11117",
    "description": "Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack.",
    "id": "GSD-2019-11117"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-11117"
      ],
      "details": "Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack.",
      "id": "GSD-2019-11117",
      "modified": "2023-12-13T01:24:02.045065Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2019-11117",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) Omni-Path Fabric Manager GUI",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Version before 10.9.2.1.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Escalation of Privilege"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/in",
            "refsource": "MISC",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
          },
          {
            "name": "108788",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/108788"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:omni-path_fabric_manager_gui:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.9.2.1.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11117"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/in",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html"
            },
            {
              "name": "108788",
              "refsource": "BID",
              "tags": [
                "Broken Link",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/108788"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-03-02T16:10Z",
      "publishedDate": "2019-06-13T16:29Z"
    }
  }
}

Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack. Intel Omni-Path Fabric Manager GUI is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Versions prior to Intel Omni-Path Fabric Manager GUI prior to 10.9.2.1.1 are vulnerable

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201906-1228",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "omni-path fabric manager gui",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "10.9.2.1.1"
      },
      {
        "model": "accelerated storage manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "chipset device software",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "compute card",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "compute stick",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "core i3",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "core i5",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "core x-series",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "omni-path fabric manager gui",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "pentium",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor 2000 series"
      },
      {
        "model": "pentium",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor 3000 series"
      },
      {
        "model": "pentium",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor g series"
      },
      {
        "model": "proset/wireless software driver",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "raid web console v3",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "for windows"
      },
      {
        "model": "sgx dcap linux driver",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "sgx linux client driver",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "turbo boost max technology",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "xeon",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor e7 v3 family"
      },
      {
        "model": "xeon",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor e7 v5 family"
      },
      {
        "model": "xeon",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor e7 v7 family"
      },
      {
        "model": "ite tech* consumer infrared driver",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "for windows 10"
      },
      {
        "model": "open cloud integrity technology",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "openattestation",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "omni-path fabric manager gui",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10.9.2.0.7"
      },
      {
        "model": "omni-path fabric manager gui",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10.9.0.0.208"
      },
      {
        "model": "omni-path fabric manager gui",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10.9.0.0.206"
      },
      {
        "model": "omni-path fabric manager gui",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10.7.0.0.145"
      },
      {
        "model": "omni-path fabric manager gui",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10.0.1.0.45"
      },
      {
        "model": "omni-path fabric manager gui",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10.0.0.0.691"
      },
      {
        "model": "omni-path fabric manager gui",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10.9.2.1.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "108788"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11117"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:intel:accelerated_storage_manager",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:chipset_device_software",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:compute_card_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:compute_stick_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:intel:core_i3",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:intel:core_i5",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:core_x-series",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:nuc_kit_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:omni-path_fabric_manager_gui",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:intel:pentium",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:intel:raid_web_console_3",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:sgx_dcap_linux_driver",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:sgx_linux_client_driver",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:turbo_boost_max_technology",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:intel:xeon",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:ite_tech_consumer_infrared_driver",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:open_cloud_integrity_technology",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:openattestation",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Marius Gabriel Mihai.",
    "sources": [
      {
        "db": "BID",
        "id": "108788"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-576"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2019-11117",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-11117",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-142731",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2019-11117",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-11117",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201906-576",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142731",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142731"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-576"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11117"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack. Intel Omni-Path Fabric Manager GUI is prone to a local privilege-escalation vulnerability. \nA local attacker can exploit this issue to gain elevated privileges. \nVersions prior to Intel Omni-Path Fabric Manager GUI prior to 10.9.2.1.1 are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-11117"
      },
      {
        "db": "BID",
        "id": "108788"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142731"
      }
    ],
    "trust": 1.26
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-11117",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "108788",
        "trust": 2.0
      },
      {
        "db": "JVN",
        "id": "JVNVU95572531",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-576",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-18596",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-142731",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142731"
      },
      {
        "db": "BID",
        "id": "108788"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-576"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11117"
      }
    ]
  },
  "id": "VAR-201906-1228",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142731"
      }
    ],
    "trust": 0.35292397
  },
  "last_update_date": "2024-11-23T20:23:19.382000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "[INTEL-SA-00248] Open Cloud Integrity Technology and OpenAttestation Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00248.html"
      },
      {
        "title": "[INTEL-SA-00257] Intel Omni-Path Fabric Manager GUI Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html"
      },
      {
        "title": "[INTEL-SA-00259] Intel RAID Web Console 3 for Windows* Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html"
      },
      {
        "title": "[INTEL-SA-00224] Intel Chipset Device Software (INF Update Utility) Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00224.html"
      },
      {
        "title": "[INTEL-SA-00264] Intel NUC Firmware Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
      },
      {
        "title": "[INTEL-SA-00226] Intel Accelerated Storage Manager in Intel Rapid Storage Technology Enterprise Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00226.html"
      },
      {
        "title": "[INTEL-SA-00206] ITE Tech* Consumer Infrared Driver for Windows 10 Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00206.html"
      },
      {
        "title": "[INTEL-SA-00232] Intel PROSet/Wireless WiFi Software Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00232.html"
      },
      {
        "title": "[INTEL-SA-00235] Intel SGX for Linux Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00235.html"
      },
      {
        "title": "[INTEL-SA-00243] Intel Turbo Boost Max Technology 3.0 Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00243.html"
      },
      {
        "title": "[INTEL-SA-00247] Partial Physical Address Leakage Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00247.html"
      },
      {
        "title": "Intel Omni-Path Fabric Manager GUI Remediation measures for authorization problem vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93798"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-576"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-275",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142731"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11117"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/108788"
      },
      {
        "trust": 1.7,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11117"
      },
      {
        "trust": 0.9,
        "url": "http://www.intel.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0130"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0179"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11123"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0136"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0180"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11124"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0157"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0181"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11125"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0164"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0182"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11126"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11127"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0174"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0183"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11128"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0175"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11092"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11129"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3702"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0177"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11117"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0128"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0178"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11119"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu95572531"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0128"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0178"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11119"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0130"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0179"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11123"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0136"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0180"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11124"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0157"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0181"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11125"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0164"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0182"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11126"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0174"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0183"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11127"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0175"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11092"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11128"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3702"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0177"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11129"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142731"
      },
      {
        "db": "BID",
        "id": "108788"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-576"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11117"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-142731"
      },
      {
        "db": "BID",
        "id": "108788"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-576"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11117"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-06-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142731"
      },
      {
        "date": "2019-06-11T00:00:00",
        "db": "BID",
        "id": "108788"
      },
      {
        "date": "2019-06-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "date": "2019-06-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201906-576"
      },
      {
        "date": "2019-06-13T16:29:01.293000",
        "db": "NVD",
        "id": "CVE-2019-11117"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-03-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142731"
      },
      {
        "date": "2019-06-11T00:00:00",
        "db": "BID",
        "id": "108788"
      },
      {
        "date": "2019-06-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "date": "2020-08-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201906-576"
      },
      {
        "date": "2024-11-21T04:20:33.943000",
        "db": "NVD",
        "id": "CVE-2019-11117"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "108788"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-576"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel Multiple vulnerabilities in the product",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-576"
      }
    ],
    "trust": 0.6
  }
}

CERTFR-2019-AVI-271

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel Core X-series Processors, 4th Generation Intel Core i5 Processors,4th Generation Intel Core i3 Processors, Intel Pentium Processor G Series, Intel Pentium Processor 3000 Series, Intel Celeron Processor 2000 Series, Intel Xeon Processor E7 v3 Family, Intel Xeon Processor E5 v3 Family et Intel Xeon Processor E3 v3 Family
Intel	N/A	ITE Tech Consumer Infrared Driver pour Windows 10 versions antérieures à 5.4.3.0
Intel	N/A	Intel NUC, vérifier sur le site du constructeur pour les versions vulnérables (cf. section Documentation).
Intel	N/A	Intel Omni-Path Fabric Manager GUI versions antérieures à 10.9.2.1.1
Intel	N/A	Intel Accelerated Storage Manager dans Intel RSTe versions antérieures à 5.5.0.2015
Intel	N/A	Intel RAID Web Console 3 pour Windows versions antérieures à 7.009.011.000
Intel	N/A	Intel Turbo Boost Max Technology 3.0 microgiciels versions 1.0.0.1035 et antérieures
Intel	N/A	Intel PROSet/Wireless WiFi Software versions antérieures à 21.10 pour Microsoft Windows 7, 8.1 et 10
Intel	N/A	Intel SGX DCAP Linux driver versions antérieures à 1.1
Intel	N/A	Intel Chipset Device Software (INF Update Utility) versions antérieures à 10.1.1.45
Intel	N/A	Intel SGX Linux client driver versions antérieures à 2.5

References

Title

Publication Time

cnvd-2020-18596

Vulnerability from cnvd

Title

Intel Omni-Path Fabric Manager GUI授权问题漏洞

Description

Intel Omni-Path Fabric Manager GUI是美国英特尔（Intel）公司的一款用于Intel Omni-Path Fabric（通信架构）管理的图形界面。 Intel Omni-Path Fabric Manager GUI存在授权问题漏洞。攻击者可利用该漏洞提升权限。

Severity

中

Patch Name

Intel Omni-Path Fabric Manager GUI授权问题漏洞的补丁

Patch Description

Intel Omni-Path Fabric Manager GUI是美国英特尔（Intel）公司的一款用于Intel Omni-Path Fabric（通信架构）管理的图形界面。 Intel Omni-Path Fabric Manager GUI存在授权问题漏洞。攻击者可利用该漏洞提升权限。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-11117

Impacted products

Name
Intel Omni-Path Fabric Manager GUI <10.9.2.1.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-11117"
    }
  },
  "description": "Intel Omni-Path Fabric Manager GUI\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8eIntel Omni-Path Fabric\uff08\u901a\u4fe1\u67b6\u6784\uff09\u7ba1\u7406\u7684\u56fe\u5f62\u754c\u9762\u3002\n\nIntel Omni-Path Fabric Manager GUI\u5b58\u5728\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-18596",
  "openTime": "2020-03-22",
  "patchDescription": "Intel Omni-Path Fabric Manager GUI\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8eIntel Omni-Path Fabric\uff08\u901a\u4fe1\u67b6\u6784\uff09\u7ba1\u7406\u7684\u56fe\u5f62\u754c\u9762\u3002\r\n\r\nIntel Omni-Path Fabric Manager GUI\u5b58\u5728\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel Omni-Path Fabric Manager GUI\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Intel Omni-Path Fabric Manager GUI \u003c10.9.2.1.1"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-11117",
  "serverity": "\u4e2d",
  "submitTime": "2019-06-14",
  "title": "Intel Omni-Path Fabric Manager GUI\u6388\u6743\u95ee\u9898\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2019-11117 (GCVE-0-2019-11117)

Vulnerability from cvelistv5

ghsa-gr24-m2h5-6j5g

Vulnerability from github

fkie_cve-2019-11117

Vulnerability from fkie_nvd

gsd-2019-11117

Vulnerability from gsd

var-201906-1228

Vulnerability from variot

CERTFR-2019-AVI-271

Vulnerability from certfr_avis

Solution

cnvd-2020-18596

Vulnerability from cnvd

Tags

Sightings

Nomenclature