CVE-2017-5738

CWE-200Information ExposureCWE-284Improper Access Control4 documents4 sources
Severity
9.1CRITICAL
EPSS
0.5%
top 33.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Intel Corporation Unite APPIntel Unite
Timeline
PublishedNov 16
Latest updateMay 13

Description

Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or information disclosure.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages2 packages

NVDintel/unite3.1.32.12, 3.1.41.18, 3.1.45.26+2
CVEListV5intel_corporation/unite_appAdmin Portal versions 3.1.32.12, 3.1.41.18, 3.1.45.26

Patches

Patch: security-center.intel.comPatch: security-center.intel.com

🔴Vulnerability Details

2
GHSA
GHSA-76j8-5m68-735c: Escalation of privilege vulnerability in admin portal for Intel Unite App versions 32022-05-13
CVEList
CVE-2017-5738: Escalation of privilege vulnerability in admin portal for Intel Unite App versions 32017-11-16

📋Vendor Advisories

1
Red Hat
bind: Improper handling of configuration allows all clients to perform recursive queries2018-06-12
CVE-2017-5738 (CRITICAL CVSS 9.1) | Escalation of privilege vulnerabili | cvebase.io