CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43456
https://notcve.org/view.php?id=CVE-2022-43456
Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access. La ruta de búsqueda no controlada en algunos software Intel(R) RST anteriores a las versiones 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 y 19.5.2.1049.5 puede permitir que un usuario autenticado habilite potencialmente una escalada de privilegios mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00795.html • CWE-426: Untrusted Search Path CWE-427: Uncontrolled Search Path Element •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25775 – kernel: irdma: Improper access control
https://notcve.org/view.php?id=CVE-2023-25775
Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access. El control de acceso incorrecto en el Intel(R) Ethernet Controller RDMA driver para Linux antes de la versión 1.9.30 puede permitir que un usuario no autenticado habilite potencialmente la escalada de privilegios a través del acceso a la red. An improper access control flaw was found in the Intel(R) Ethernet Controller RDMA driver in the Linux Kernel. This flaw allows an unauthenticated user to enable privilege escalation via network access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html https://security.netapp.com/advisory/ntap-20230915-0013 https://access.redhat.com/security/cve/CVE-2023-25775 https://bugzilla.redhat.com/show_bug.cgi?id=2231410 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 569EXPL: 0CVE-2022-29871
https://notcve.org/view.php?id=CVE-2022-29871
Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Un control de acceso inadecuado en el instalador del software Intel(R) CSME anterior a la versión 2239.3.7.0 puede permitir que un usuario autenticado habilite potencialmente una escalada de privilegios mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html https://security.netapp.com/advisory/ntap-20230824-0002 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 7.2EPSS: 0%CPEs: 99EXPL: 0CVE-2022-38102
https://notcve.org/view.php?id=CVE-2022-38102
Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access. La validación de entrada inadecuada en el firmware de algunos Intel(R) Converged Security and Management Engine anteriores a las versiones 15.0.45 y 16.1.27 puede permitir que un usuario con privilegios habilite potencialmente la denegación de servicio mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html https://security.netapp.com/advisory/ntap-20230824-0002 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 201EXPL: 0CVE-2022-36392
https://notcve.org/view.php?id=CVE-2022-36392
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access. La validación de entrada inadecuada en algunos firmware para Intel(R) AMT e Intel(R) Standard Manageability antes de las versiones 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45 y 16.1.27 en Intel (R) CSME puede permitir que un usuario no autenticado habilite potencialmente la denegación de servicio a través del acceso a la red. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html https://security.netapp.com/advisory/ntap-20230824-0002 • CWE-20: Improper Input Validation CWE-116: Improper Encoding or Escaping of Output •