Intel Raid Web Console 3 vulnerabilities

CVE-2020-0564 [HIGH] CWE-276 CVE-2020-0564: Improper permissions in the installer for Intel(R) RWC3 for Windows before version 7.010.009.000 may Improper permissions in the installer for Intel(R) RWC3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2019-14601 [HIGH] CWE-276 CVE-2019-14601: Improper permissions in the installer for Intel(R) RWC 3 for Windows before version 7.010.009.000 ma Improper permissions in the installer for Intel(R) RWC 3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2019-11119 [CRITICAL] CVE-2019-11119: Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may al Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVE-2018-3699 [MEDIUM] CWE-79 CVE-2018-3699: Cross-site scripting in the Intel RAID Web Console v3 for Windows may allow an unauthenticated user Cross-site scripting in the Intel RAID Web Console v3 for Windows may allow an unauthenticated user to elevate privilege via remote access.

CVE-2018-3696 [MEDIUM] CWE-287 CVE-2018-3696: Authentication bypass in the Intel RAID Web Console 3 for Windows before 4.186 may allow an unprivil Authentication bypass in the Intel RAID Web Console 3 for Windows before 4.186 may allow an unprivileged user to potentially gain administrative privileges via local access.