CVE-2022-40210

CWE-488CWE-668Exposure to Wrong Sphere3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 78.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Data Center Manager
Timeline
PublishedMay 10

Description

Exposure of data element to wrong session in the Intel DCM software before version 5.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:LExploitability: 1.3 | Impact: 5.5

Affected Packages2 packages

CVEListV5intel_dcm_softwarebefore version 5.0.1

Patches

Patch: www.intel.comPatch: www.intel.com

🔴Vulnerability Details

2
GHSA
GHSA-hm8w-pxcf-mj62: Exposure of data element to wrong session in the Intel DCM software before version 52023-05-10
CVEList
CVE-2022-40210: Exposure of data element to wrong session in the Intel DCM software before version 52023-05-10
CVE-2022-40210 (HIGH CVSS 7.8) | Exposure of data element to wrong s | cvebase.io