Lucene search

IntelCVELIST:CVE-2022-41979

HistoryMay 10, 2023 - 1:17 p.m.

CVE-2022-41979

2023-05-1013:17:13

CWE-693

intel

www.cve.org

cve-2022-41979

intel

dcm

software

protection

mechanism

failure

authenticated user

escalation of privilege

network access

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

AI Score

Confidence

High

EPSS

0.001

Percentile

40.0%

JSON

Protection mechanism failure in the Intel® DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via network access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) DCM software",
    "versions": [
      {
        "version": "before version 5.1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00806.html

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

AI Score

Confidence

High

EPSS

0.001

Percentile

40.0%

JSON

Related for CVELIST:CVE-2022-41979