Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
intelIntel Security CenterINTEL:INTEL-SA-00716
HistoryNov 08, 2022 - 12:00 a.m.

Intel® EMA Software Advisory

2022-11-0800:00:00
Intel Security Center
www.intel.com
15
intel
ema
privilege escalation
software update
cve-2022-30297
cross-site scripting
low vulnerability
version 1.8.0
coordinated disclosure

EPSS

0

Percentile

12.6%

JSON

Summary:

A potential security vulnerability in the Intel® Endpoint Management Assistant (EMA) software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2022-30297

Description: Cross-site scripting in the Intel® EMA software before version 1.8.0 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 3.8 Low

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L****

Affected Products:

Intel® EMA software before version 1.8.0.

Recommendations:

Intel recommends updating the Intel® EMA software to version 1.8.0 or later.

Updates are available for download at this location:

<https://www.intel.com/content/www/us/en/download/19449&gt;

Acknowledgements:

This issue was found externally.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Related

cvelist 1
cve 1
prion 1
nvd 1
cvelist
cvelist
CVE-2022-30297
2022-11-11 15:48:39
cve
cve
CVE-2022-30297
2022-11-11 16:15:14
prion
prion
Cross site scripting
2022-11-11 16:15:00
nvd
nvd
CVE-2022-30297
2022-11-11 16:15:14

EPSS

0

Percentile

12.6%

JSON
Related for INTEL:INTEL-SA-00716
cvelist1cve1prion1nvd1