Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Open Cloud Integrity Technology and OpenAttestation Advisory

🗓️ 11 Jun 2019 00:00:00Reported by Intel Security CenterType 
intel
 intel🔗 www.intel.com👁 33 Views

Open CIT & OpenAttestation have vulnerabilities allowing information disclosure & privilege escalation via local access. Intel released updates to mitigate CVE-2019-0179, CVE-2019-0180, CVE-2019-0178, CVE-2019-0177, CVE-2019-0175, CVE-2019-0181, CVE-2019-0182, CVE-2019-0183 & CVE-2019-11092

Related
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the Open Cloud Integrity Technology, a tool for creating cloud services, is related to the “race-to-availability” scenario, which allows a attacker to expose protected information.
21 Jun 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Open Cloud Integrity Technology, a tool for creating cloud services, stems from deficiencies in access control within the certification database. This allows attackers to disclose protected information.
21 Jun 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Open Cloud Integrity Technology, a tool for creating cloud services, lies in the insufficient password protection in configuration files, which allows attackers to disclose sensitive information.
21 Jun 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Open Cloud Integrity Technology, a tool used for creating cloud services, stems from insufficient validation of input data during the host certification process. This allows attackers to disclose protected information.
21 Jun 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the OpenAttestation agent, related to errors in the implementation of the host attestation process, allows a violator to disclose the protected information.
21 Jun 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Open Cloud Integrity Technology, which is used to create cloud services, and the OpenAttestation agent, arises from errors in checking input data. This allows attackers to exploit these vulnerabilities to increase their privileges.
21 Jun 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Open Cloud Integrity Technology, which is used to create cloud services, and the OpenAttestation agent exists due to errors in path name restrictions for restricted access directories. This allows attackers to disclose protected information.
26 Jun 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Open Cloud Integrity Technology, which is used to create cloud services, and the OpenAttestation agent, arises from password handling issues during system login processes. This allows attackers to compromise the protected information.
26 Jun 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Open Cloud Integrity Technology, a tool for creating cloud services, stems from password handling flaws during system login processes. This allows attackers to compromise the protected information.
26 Jun 201900:00
bdu_fstec
CNVD		Intel Open Cloud Integrity Technology Information Disclosure Vulnerability
14 Jun 201900:00
cnvd
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
11 Jun 2019 00:00Current
5.3Medium risk
Vulners AI Score5.3
CVSS 24.6
CVSS 3.16.7
EPSS0.00337
open citopenattestationvulnerabilitiesinformation disclosureprivilege escalationlocal accessintelupdatescve-2019-0179cve-2019-0180cve-2019-0178cve-2019-0177cve-2019-0175cve-2019-0181cve-2019-0182cve-2019-0183cve-2019-11092
33