3 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. Los permisos heredados inseguros en el instalador de algunos software de Intel Server Configuration Utility anteriores a la versión 16.0.9 pueden permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a través del acceso local. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00925.html • CWE-277: Insecure Inherited Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. La ruta de búsqueda sin comillas en el instalador de algún software Intel Server Configuration Utility anterior a la versión 16.0.9 puede permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a través del acceso local. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00925.html • CWE-428: Unquoted Search Path or Element •

CVSS: 5.0EPSS: 1%CPEs: 25EXPL: 0

The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled. • ftp://download.intel.com/support/motherboards/server/sb/aa6791invalidlanconfiguration040504.pdf http://secunia.com/advisories/11315 http://support.intel.com/support/motherboards/server/sb/CS-010422.htm http://www.osvdb.org/4978 http://www.securityfocus.com/bid/10068 https://exchange.xforce.ibmcloud.com/vulnerabilities/15775 •