Intel Data Center Manager SDK 直到5.0.1 File Permission 信息公开

条目编辑历史差异jsonxmlCTI

字段2019-02-19 08時09分2020-05-11 09時46分
vendorIntelIntel
nameData Center Manager SDKData Center Manager SDK
version<=5.0.1<=5.0.1
componentFile PermissionFile Permission
cwe200 (信息公开)200 (信息公开)
risk11
cvss2_vuldb_basescore1.51.5
cvss2_vuldb_tempscore1.31.3
cvss2_vuldb_avLL
cvss2_vuldb_acMM
cvss2_vuldb_auSS
cvss2_vuldb_ciPP
cvss2_vuldb_iiNN
cvss2_vuldb_aiNN
cvss2_nvd_avLL
cvss2_nvd_acLL
cvss2_nvd_auNN
cvss2_nvd_ciPP
cvss2_nvd_iiNN
cvss2_nvd_aiNN
cvss3_meta_basescore4.44.4
cvss3_meta_tempscore4.24.2
cvss3_vuldb_basescore3.33.3
cvss3_vuldb_tempscore3.23.2
cvss3_vuldb_avLL
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iNN
cvss3_vuldb_aNN
cvss3_nvd_avLL
cvss3_nvd_acLL
cvss3_nvd_prLL
cvss3_nvd_uiNN
cvss3_nvd_sUU
cvss3_nvd_cHH
cvss3_nvd_iNN
cvss3_nvd_aNN
date1550448000 (2019-02-18)1550448000 (2019-02-18)
urlhttps://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.htmlhttps://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html
price_0day$0-$5k$0-$5k
nameUpgradeUpgrade
upgrade_version5.0.25.0.2
cveCVE-2019-0111CVE-2019-0111
cve_assigned15420672001542067200
cve_nvd_summaryImproper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access.Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access.
seealso130972 130973 130974 130975 130976 130977 130978 130979 130980 130982130972 130973 130974 130975 130976 130977 130978 130979 130980 130982
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
0day_days66
cvss3_nvd_basescore5.55.5
discoverydate1549929600
confirm_urlhttps://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html

Interested in the pricing of exploits?

See the underground prices here!