Lucene search

IntelCVELIST:CVE-2022-30297

HistoryNov 11, 2022 - 3:48 p.m.

CVE-2022-30297

2022-11-1115:48:39

intel

www.cve.org

cross-site scripting

intel ema software

privileged user

escalation of privilege

local access

3.8 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

0.0004 Low

EPSS

Percentile

12.7%

JSON

Cross-site scripting in the Intel® EMA software before version 1.8.0 may allow a privileged user to potentially enable escalation of privilege via local access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) EMA software",
    "versions": [
      {
        "version": "before version 1.8.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00716.html

3.8 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVELIST:CVE-2022-30297