Intel Manageability Commander vulnerabilities

CVE-2022-29887 [CRITICAL] CWE-79 CVE-2022-29887: Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVE-2022-41610 [MEDIUM] CWE-285 CVE-2022-41610: Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC befor Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC before version 2.4 software may allow an authenticated user to potentially enable denial of service via local access.

CVE-2022-26341 [HIGH] CWE-522 CVE-2022-26341: Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel( Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access.

CVE-2021-0126 [HIGH] CWE-20 CVE-2021-0126: Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an a Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.