Vulnerability Details : CVE-2019-0102
Insufficient session authentication in web server for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Products affected by CVE-2019-0102
- cpe:2.3:a:intel:data_center_manager:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-0102
2.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 83 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-0102
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.8
|
MEDIUM | AV:A/AC:L/Au:N/C:P/I:P/A:P |
6.5
|
6.4
|
NIST | |
|
8.8
|
HIGH | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2019-0102
-
Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-0102
-
https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01
Intel Data Center Manager SDK | CISAUS Government Resource;Third Party Advisory
-
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html
INTEL-SA-00215Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html
[security-announce] openSUSE-SU-2020:1105-1: moderate: Security update f
-
http://www.securityfocus.com/bid/107069
Intel Data Center Manager SDK Multiple Privilege Escalation VulnerabilitiesThird Party Advisory;VDB Entry
Jump to