CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29887
https://notcve.org/view.php?id=CVE-2022-29887
Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Cross-site Scripting (XSS) en algunos Intel(R) Manageability Commander software antes de la versión 2.3 puede permitir que un usuario no autenticado potencialmente habilite la escalada de privilegios a través de acceso a la red. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00893.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-41610
https://notcve.org/view.php?id=CVE-2022-41610
Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC before version 2.4 software may allow an authenticated user to potentially enable denial of service via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00808.html • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-26341
https://notcve.org/view.php?id=CVE-2022-26341
Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access. Credenciales insuficientemente protegidas en el software de Intel(R) AMT SDK anterior a la versión 16.0.4.1, Intel(R) EMA anterior a la versión 1.7.1 e Intel(R) MC anterior a la versión 2.3.2 pueden permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a través del acceso a la red. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0126
https://notcve.org/view.php?id=CVE-2021-0126
Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Una comprobación de entrada inapropiada para Intel(R) Manageability Commander versiones anteriores a 2.2, puede permitir que un usuario autenticado habilite potencialmente una escalada de privilegios por medio del acceso adyacente • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00519.html • CWE-20: Improper Input Validation •