PRIOn knowledge basePRION:CVE-2019-0136Improper access control
7.4 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.8 High
AI Score
Confidence
High
3.3 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
45.7%
Insufficient access control in the Intelยฎ PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
| CPE | Name | Operator | Version |
|---|---|---|---|
| proset\\/wireless_wifi | lt | 21.10 |
References
jvn.jp/en/jp/JVN75617741/index.html
packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
www.securityfocus.com/bid/108777
lists.debian.org/debian-lts-announce/2019/09/msg00014.html
lists.debian.org/debian-lts-announce/2019/09/msg00015.html
lists.debian.org/debian-lts-announce/2019/09/msg00025.html
lists.debian.org/debian-lts-announce/2020/03/msg00001.html
support.lenovo.com/us/en/product_security/LEN-27828
usn.ubuntu.com/4115-1/
usn.ubuntu.com/4118-1/
usn.ubuntu.com/4145-1/
usn.ubuntu.com/4147-1/
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00232.html
Related
7.4 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.8 High
AI Score
Confidence
High
3.3 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
45.7%