Intel Endpoint Management Assistant vulnerabilities

8 known vulnerabilities affecting intel/endpoint_management_assistant.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2024-32483HIGHCVSS 7.0fixed in 1.13.1.02024-11-13
CVE-2024-32483 [HIGH] CWE-284 CVE-2024-32483: Improper access control for some Intel(R) EMA software before version 1.13.1.0 may allow an authenti Improper access control for some Intel(R) EMA software before version 1.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
nvd
CVE-2022-45128MEDIUMCVSS 5.5fixed in 1.9.0.02023-05-10
CVE-2022-45128 [MEDIUM] CWE-285 CVE-2022-45128: Improper authorization in the Intel(R) EMA software before version 1.9.0.0 may allow an authenticate Improper authorization in the Intel(R) EMA software before version 1.9.0.0 may allow an authenticated user to potentially enable denial of service via local access.
nvd
CVE-2022-38056MEDIUMCVSS 5.3fixed in 1.8.1.02023-02-16
CVE-2022-38056 [LOW] CVE-2022-38056: Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may allow a privileged u Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may allow a privileged user to potentially enable escalation of privilege via network access.
nvd
CVE-2022-26341HIGHCVSS 8.8fixed in 1.7.12022-11-11
CVE-2022-26341 [HIGH] CWE-522 CVE-2022-26341: Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel( Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access.
nvd
CVE-2022-30297HIGHCVSS 7.8fixed in 1.8.02022-11-11
CVE-2022-30297 [LOW] CWE-79 CVE-2022-30297: Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged user t Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged user to potentially enable escalation of privilege via local access.
nvd
CVE-2021-0013HIGHCVSS 7.5fixed in 1.5.02021-11-17
CVE-2021-0013 [HIGH] CWE-20 CVE-2021-0013: Improper input validation for Intel(R) EMA before version 1.5.0 may allow an unauthenticated user to Improper input validation for Intel(R) EMA before version 1.5.0 may allow an unauthenticated user to potentially enable denial of service via network access.
nvd
CVE-2020-12315CRITICALCVSS 9.8fixed in 1.3.32020-11-12
CVE-2020-12315 [CRITICAL] CWE-22 CVE-2020-12315: Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to potenti Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
nvd
CVE-2020-12316MEDIUMCVSS 5.5fixed in 1.3.32020-11-12
CVE-2020-12316 [MEDIUM] CWE-522 CVE-2020-12316: Insufficiently protected credentials in the Intel(R) EMA before version 1.3.3 may allow an authorize Insufficiently protected credentials in the Intel(R) EMA before version 1.3.3 may allow an authorized user to potentially enable information disclosure via local access.
nvd