Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
intelIntel Security CenterINTEL:INTEL-SA-00653
HistoryAug 09, 2022 - 12:00 a.m.

Intel® Edge Insights for Industrial Advisory

2022-08-0900:00:00
Intel Security Center
www.intel.com
26
intel edge insights
security vulnerabilities
privilege escalation
information disclosure
software update
cve-2022-22730
cve-2022-25966
cve-2022-21148
cve-2022-21152
intel
coordinated disclosure.

EPSS

0.002

Percentile

58.3%

JSON

Summary:

Potential security vulnerabilities in the Intel® Edge Insights for Industrialsoftwaremay allow escalation of privilege or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities.

Vulnerability Details:

** **CVEID: CVE-2022-22730

Description: Improper authentication in the Intel® Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVSS Base Score: 7.1 High

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L****

CVEID: CVE-2022-25966****

Description: Improper access control in the Intel® Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2022-21148****

Description: Improper access control in the Intel® Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 5.2 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N****

CVEID: CVE-2022-21152

Description: Improper access control in the Intel® Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 3.3 Low

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products:

Intel® Edge Insights for Industrial software before version 2.6.1.

Recommendations:

Intel recommends updating the Intel® Edge Insights for Industrial software to version 2.6.1 or later.****

Updates are available for download at this location: <https://github.com/open-edge-insights/&gt;

Acknowledgements:

These issues were found internally by Intel.****

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Related

cve 4
prion 4
cvelist 4
nvd 4
cve
cve
CVE-2022-25966
2022-08-18 20:15:10
CVE-2022-22730
2022-08-18 20:15:10
CVE-2022-21152
2022-08-18 20:15:09
prion
prion
Improper access control
2022-08-18 20:15:00
Authentication flaw
2022-08-18 20:15:00
Improper access control
2022-08-18 20:15:00
cvelist
cvelist
CVE-2022-22730
2022-08-18 19:44:53
CVE-2022-25966
2022-08-18 19:47:09
CVE-2022-21152
2022-08-18 19:47:35
nvd
nvd
CVE-2022-25966
2022-08-18 20:15:10
CVE-2022-22730
2022-08-18 20:15:10
CVE-2022-21152
2022-08-18 20:15:09

EPSS

0.002

Percentile

58.3%

JSON
Related for INTEL:INTEL-SA-00653
cve4prion4cvelist4nvd4