Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-11093 (GCVE-0-2019-11093)
Vulnerability from cvelistv5 – Published: 2019-05-17 15:41 – Updated: 2024-08-04 22:40
VLAI?
EPSS
Summary
Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
No CVSS data available.
CWE
- Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) SCS Discovery Utility |
Affected:
Versions 12.0.0.129 and earlier.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:16.345Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) SCS Discovery Utility",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions 12.0.0.129 and earlier."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T15:41:37",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2019-11093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) SCS Discovery Utility",
"version": {
"version_data": [
{
"version_value": "Versions 12.0.0.129 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2019-11093",
"datePublished": "2019-05-17T15:41:37",
"dateReserved": "2019-04-11T00:00:00",
"dateUpdated": "2024-08-04T22:40:16.345Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:scs_discovery_utility:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.0.0.129\", \"matchCriteriaId\": \"ECB6D9B6-DA48-463A-9353-D90C3311BE03\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.\"}, {\"lang\": \"es\", \"value\": \"La service path no indicada en el instalador para Intel(R) SCS Discovery Utility versi\\u00f3n 12.0.0.129 y anteriores, puede permitir que un usuario autenticado habilite potencialmente el aumento de privilegios mediante un acceso local.\"}]",
"id": "CVE-2019-11093",
"lastModified": "2024-11-21T04:20:31.473",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-05-17T16:29:03.110",
"references": "[{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-428\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-11093\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2019-05-17T16:29:03.110\",\"lastModified\":\"2024-11-21T04:20:31.473\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.\"},{\"lang\":\"es\",\"value\":\"La service path no indicada en el instalador para Intel(R) SCS Discovery Utility versi\u00f3n 12.0.0.129 y anteriores, puede permitir que un usuario autenticado habilite potencialmente el aumento de privilegios mediante un acceso local.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-428\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:scs_discovery_utility:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.0.0.129\",\"matchCriteriaId\":\"ECB6D9B6-DA48-463A-9353-D90C3311BE03\"}]}]}],\"references\":[{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
GSD-2019-11093
Vulnerability from gsd - Updated: 2023-12-13 01:24Details
Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-11093",
"description": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.",
"id": "GSD-2019-11093"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-11093"
],
"details": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.",
"id": "GSD-2019-11093",
"modified": "2023-12-13T01:24:02.591576Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2019-11093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) SCS Discovery Utility",
"version": {
"version_data": [
{
"version_value": "Versions 12.0.0.129 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:intel:scs_discovery_utility:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.0.129",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2019-11093"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2020-08-24T17:37Z",
"publishedDate": "2019-05-17T16:29Z"
}
}
}
CNVD-2020-18581
Vulnerability from cnvd - Published: 2020-03-22
VLAI Severity ?
Title
Intel SCS Discovery Utility权限许可和访问控制问题漏洞
Description
Intel SCS Discovery Utility是美国英特尔(Intel)公司的一款用于获取有关Intel AMT详细数据的实用程序。
Intel SCS Discovery Utility存在权限许可和访问控制问题漏洞。该漏洞源于网络系统或产品缺乏有效的权限许可和访问控制措施。目前暂无详细的漏洞细节提供。
Severity
中
Patch Name
Intel SCS Discovery Utility权限许可和访问控制问题漏洞的补丁
Patch Description
Intel SCS Discovery Utility是美国英特尔(Intel)公司的一款用于获取有关Intel AMT详细数据的实用程序。
Intel SCS Discovery Utility存在权限许可和访问控制问题漏洞。该漏洞源于网络系统或产品缺乏有效的权限许可和访问控制措施。目前暂无详细的漏洞细节提供。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-11093
Impacted products
| Name | Intel SCS Discovery Utility <=12.0.0.129 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-11093",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11093"
}
},
"description": "Intel SCS Discovery Utility\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8e\u83b7\u53d6\u6709\u5173Intel AMT\u8be6\u7ec6\u6570\u636e\u7684\u5b9e\u7528\u7a0b\u5e8f\u3002\n\nIntel SCS Discovery Utility\u5b58\u5728\u6743\u9650\u8bb8\u53ef\u548c\u8bbf\u95ee\u63a7\u5236\u95ee\u9898\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u7f3a\u4e4f\u6709\u6548\u7684\u6743\u9650\u8bb8\u53ef\u548c\u8bbf\u95ee\u63a7\u5236\u63aa\u65bd\u3002\u76ee\u524d\u6682\u65e0\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-18581",
"openTime": "2020-03-22",
"patchDescription": "Intel SCS Discovery Utility\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8e\u83b7\u53d6\u6709\u5173Intel AMT\u8be6\u7ec6\u6570\u636e\u7684\u5b9e\u7528\u7a0b\u5e8f\u3002\r\n\r\nIntel SCS Discovery Utility\u5b58\u5728\u6743\u9650\u8bb8\u53ef\u548c\u8bbf\u95ee\u63a7\u5236\u95ee\u9898\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u7f3a\u4e4f\u6709\u6548\u7684\u6743\u9650\u8bb8\u53ef\u548c\u8bbf\u95ee\u63a7\u5236\u63aa\u65bd\u3002\u76ee\u524d\u6682\u65e0\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Intel SCS Discovery Utility\u6743\u9650\u8bb8\u53ef\u548c\u8bbf\u95ee\u63a7\u5236\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Intel SCS Discovery Utility \u003c=12.0.0.129"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-11093",
"serverity": "\u4e2d",
"submitTime": "2019-05-22",
"title": "Intel SCS Discovery Utility\u6743\u9650\u8bb8\u53ef\u548c\u8bbf\u95ee\u63a7\u5236\u95ee\u9898\u6f0f\u6d1e"
}
GHSA-PH28-R8HF-MVQ7
Vulnerability from github – Published: 2022-05-24 16:46 – Updated: 2024-04-04 00:42
VLAI?
Details
Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2019-11093"
],
"database_specific": {
"cwe_ids": [
"CWE-428"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-17T16:29:00Z",
"severity": "MODERATE"
},
"details": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.",
"id": "GHSA-ph28-r8hf-mvq7",
"modified": "2024-04-04T00:42:10Z",
"published": "2022-05-24T16:46:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11093"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
CERTFR-2019-AVI-208
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | N/A | Intel NUC Kit NUC8i7HNK avec une version du BIOS antérieure à 0054 | ||
| Intel | N/A | Intel Server Board | ||
| Intel | N/A | Intel Server System | ||
| Intel | N/A | Intel Celeron N Series | ||
| Intel | N/A | Intel Unite Client versions antérieures à v3.3.176.13 | ||
| Intel | N/A | Intel NUC Board NUC7i7DNBE avec une version du BIOS antérieure à 0062 | ||
| Intel | N/A | Intel Atom Processor A Series | ||
| Intel | N/A | Intel Unite Client for Android versions antérieures à 4.0 | ||
| Intel | N/A | Intel i915 Graphics pour Linux versions antérieures à 5.0 | ||
| Intel | N/A | Intel Compute Module | ||
| Intel | N/A | Intel PROSet/Wireless WiFi versions antérieures à 21.0 | ||
| Intel | N/A | Intel NUC Kit NUC8i7HVK avec une version du BIOS antérieure à 0054 | ||
| Intel | N/A | Intel ACU Wizard Configurator_download_package versions antérieures à 12.1.0.87 | ||
| Intel | N/A | Intel Celeron J Series | ||
| Intel | N/A | Intel Xeon Processor D Family | ||
| Intel | N/A | Intel NUC Kit NUC7i5DNHE avec une version du BIOS antérieure à 0062 | ||
| Intel | N/A | Intel Driver & Support Assistant versions antérieures à 19.4.18 | ||
| Intel | N/A | Intel Graphics Driver pour Windows sans le dernier correctif de sécurité | ||
| Intel | N/A | Intel NUC Kit NUC7i7DNHE avec une version du BIOS antérieure à 0062 | ||
| Intel | N/A | Intel Pentium Processor Silver Series | ||
| Intel | N/A | Intel Quartus II et Intel Quartus Prime Standard Edition versions antérieures à 18.1.1 | ||
| Intel | N/A | Intel NUC Kit NUC7i7DNKE avec une version du BIOS antérieure à 0062 | ||
| Intel | N/A | Intel Pentium Processor J Series | ||
| Intel | N/A | Intel SCS Discovery Utility avec SCS_download_package versions antérieures à 12.1.0.87 | ||
| Intel | N/A | Intel Atom Processor E3900 Series | ||
| Intel | N/A | Intel Xeon Scalable Processor | ||
| Intel | N/A | Intel Pentium Processor N Series | ||
| Intel | N/A | Intel Quartus Prime Pro Edition versions antérieures à 19.1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel NUC Kit NUC8i7HNK avec une version du BIOS ant\u00e9rieure \u00e0 0054",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Server Board",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Server System",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Celeron N Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Unite Client versions ant\u00e9rieures \u00e0 v3.3.176.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC Board NUC7i7DNBE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom Processor A Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Unite Client for Android versions ant\u00e9rieures \u00e0 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel i915 Graphics pour Linux versions ant\u00e9rieures \u00e0 5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Compute Module",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel PROSet/Wireless WiFi versions ant\u00e9rieures \u00e0 21.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC Kit NUC8i7HVK avec une version du BIOS ant\u00e9rieure \u00e0 0054",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel ACU Wizard Configurator_download_package versions ant\u00e9rieures \u00e0 12.1.0.87",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Celeron J Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Processor D Family",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC Kit NUC7i5DNHE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Driver \u0026 Support Assistant versions ant\u00e9rieures \u00e0 19.4.18",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Graphics Driver pour Windows sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC Kit NUC7i7DNHE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Pentium Processor Silver Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Quartus II et Intel Quartus Prime Standard Edition versions ant\u00e9rieures \u00e0 18.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC Kit NUC7i7DNKE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Pentium Processor J Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SCS Discovery Utility avec SCS_download_package versions ant\u00e9rieures \u00e0 12.1.0.87",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom Processor E3900 Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Scalable Processor",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Pentium Processor N Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Quartus Prime Pro Edition versions ant\u00e9rieures \u00e0 19.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0138",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0138"
},
{
"name": "CVE-2019-0120",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0120"
},
{
"name": "CVE-2019-0115",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0115"
},
{
"name": "CVE-2019-0132",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0132"
},
{
"name": "CVE-2019-11093",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11093"
},
{
"name": "CVE-2019-11085",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11085"
},
{
"name": "CVE-2019-0114",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0114"
},
{
"name": "CVE-2019-11094",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11094"
},
{
"name": "CVE-2018-3701",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3701"
},
{
"name": "CVE-2019-0113",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0113"
},
{
"name": "CVE-2019-11114",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11114"
},
{
"name": "CVE-2019-0126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0126"
},
{
"name": "CVE-2019-11095",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11095"
},
{
"name": "CVE-2019-0171",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0171"
},
{
"name": "CVE-2019-0119",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0119"
},
{
"name": "CVE-2019-0172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0172"
},
{
"name": "CVE-2019-0116",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0116"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-208",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-05-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00244 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00245 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00249 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00223 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00251 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00204 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00234 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00218 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00228 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00252 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
}
]
}
CERTFR-2019-AVI-208
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | N/A | Intel NUC Kit NUC8i7HNK avec une version du BIOS antérieure à 0054 | ||
| Intel | N/A | Intel Server Board | ||
| Intel | N/A | Intel Server System | ||
| Intel | N/A | Intel Celeron N Series | ||
| Intel | N/A | Intel Unite Client versions antérieures à v3.3.176.13 | ||
| Intel | N/A | Intel NUC Board NUC7i7DNBE avec une version du BIOS antérieure à 0062 | ||
| Intel | N/A | Intel Atom Processor A Series | ||
| Intel | N/A | Intel Unite Client for Android versions antérieures à 4.0 | ||
| Intel | N/A | Intel i915 Graphics pour Linux versions antérieures à 5.0 | ||
| Intel | N/A | Intel Compute Module | ||
| Intel | N/A | Intel PROSet/Wireless WiFi versions antérieures à 21.0 | ||
| Intel | N/A | Intel NUC Kit NUC8i7HVK avec une version du BIOS antérieure à 0054 | ||
| Intel | N/A | Intel ACU Wizard Configurator_download_package versions antérieures à 12.1.0.87 | ||
| Intel | N/A | Intel Celeron J Series | ||
| Intel | N/A | Intel Xeon Processor D Family | ||
| Intel | N/A | Intel NUC Kit NUC7i5DNHE avec une version du BIOS antérieure à 0062 | ||
| Intel | N/A | Intel Driver & Support Assistant versions antérieures à 19.4.18 | ||
| Intel | N/A | Intel Graphics Driver pour Windows sans le dernier correctif de sécurité | ||
| Intel | N/A | Intel NUC Kit NUC7i7DNHE avec une version du BIOS antérieure à 0062 | ||
| Intel | N/A | Intel Pentium Processor Silver Series | ||
| Intel | N/A | Intel Quartus II et Intel Quartus Prime Standard Edition versions antérieures à 18.1.1 | ||
| Intel | N/A | Intel NUC Kit NUC7i7DNKE avec une version du BIOS antérieure à 0062 | ||
| Intel | N/A | Intel Pentium Processor J Series | ||
| Intel | N/A | Intel SCS Discovery Utility avec SCS_download_package versions antérieures à 12.1.0.87 | ||
| Intel | N/A | Intel Atom Processor E3900 Series | ||
| Intel | N/A | Intel Xeon Scalable Processor | ||
| Intel | N/A | Intel Pentium Processor N Series | ||
| Intel | N/A | Intel Quartus Prime Pro Edition versions antérieures à 19.1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel NUC Kit NUC8i7HNK avec une version du BIOS ant\u00e9rieure \u00e0 0054",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Server Board",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Server System",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Celeron N Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Unite Client versions ant\u00e9rieures \u00e0 v3.3.176.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC Board NUC7i7DNBE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom Processor A Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Unite Client for Android versions ant\u00e9rieures \u00e0 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel i915 Graphics pour Linux versions ant\u00e9rieures \u00e0 5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Compute Module",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel PROSet/Wireless WiFi versions ant\u00e9rieures \u00e0 21.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC Kit NUC8i7HVK avec une version du BIOS ant\u00e9rieure \u00e0 0054",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel ACU Wizard Configurator_download_package versions ant\u00e9rieures \u00e0 12.1.0.87",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Celeron J Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Processor D Family",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC Kit NUC7i5DNHE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Driver \u0026 Support Assistant versions ant\u00e9rieures \u00e0 19.4.18",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Graphics Driver pour Windows sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC Kit NUC7i7DNHE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Pentium Processor Silver Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Quartus II et Intel Quartus Prime Standard Edition versions ant\u00e9rieures \u00e0 18.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC Kit NUC7i7DNKE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Pentium Processor J Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SCS Discovery Utility avec SCS_download_package versions ant\u00e9rieures \u00e0 12.1.0.87",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom Processor E3900 Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Scalable Processor",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Pentium Processor N Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Quartus Prime Pro Edition versions ant\u00e9rieures \u00e0 19.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0138",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0138"
},
{
"name": "CVE-2019-0120",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0120"
},
{
"name": "CVE-2019-0115",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0115"
},
{
"name": "CVE-2019-0132",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0132"
},
{
"name": "CVE-2019-11093",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11093"
},
{
"name": "CVE-2019-11085",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11085"
},
{
"name": "CVE-2019-0114",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0114"
},
{
"name": "CVE-2019-11094",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11094"
},
{
"name": "CVE-2018-3701",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3701"
},
{
"name": "CVE-2019-0113",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0113"
},
{
"name": "CVE-2019-11114",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11114"
},
{
"name": "CVE-2019-0126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0126"
},
{
"name": "CVE-2019-11095",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11095"
},
{
"name": "CVE-2019-0171",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0171"
},
{
"name": "CVE-2019-0119",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0119"
},
{
"name": "CVE-2019-0172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0172"
},
{
"name": "CVE-2019-0116",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0116"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-208",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-05-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00244 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00245 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00249 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00223 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00251 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00204 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00234 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00218 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00228 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00252 du 14 mai 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
}
]
}
VAR-201905-1249
Vulnerability from variot - Updated: 2023-12-18 11:35Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. Multiple Intel Products are prone to multiple local privilege-escalation vulnerabilities. Local attackers can exploit these issues to gain elevated privileges. Intel SCS Discovery Utility is a utility program of Intel Corporation for obtaining detailed data about Intel AMT. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1249",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scs discovery utility",
"scope": "lte",
"trust": 1.8,
"vendor": "intel",
"version": "12.0.0.129"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "setup and configuration software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1123"
},
{
"model": "setup and configuration software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "12.0.0.129"
},
{
"model": "setup and configuration software",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "12.1.0.87"
}
],
"sources": [
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:intel:scs_discovery_utility:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.0.129",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11093"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marius Gabriel Mihai",
"sources": [
{
"db": "BID",
"id": "108565"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
],
"trust": 0.9
},
"cve": "CVE-2019-11093",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-11093",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-142705",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-11093",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-11093",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-764",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142705",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142705"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. Multiple Intel Products are prone to multiple local privilege-escalation vulnerabilities. \nLocal attackers can exploit these issues to gain elevated privileges. Intel SCS Discovery Utility is a utility program of Intel Corporation for obtaining detailed data about Intel AMT. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11093"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "VULHUB",
"id": "VHN-142705"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-11093",
"trust": 2.8
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "BID",
"id": "108565",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-18581",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-142705",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142705"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
]
},
"id": "VAR-201905-1249",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-142705"
}
],
"trust": 0.6336601066666667
},
"last_update_date": "2023-12-18T11:35:25.504000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-428",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142705"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11093"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11093"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/108565"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142705"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-142705"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-142705"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108565"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"date": "2019-05-17T16:29:03.110000",
"db": "NVD",
"id": "CVE-2019-11093"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-142705"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108565"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-11093"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108565"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
],
"trust": 0.6
}
}
FKIE_CVE-2019-11093
Vulnerability from fkie_nvd - Published: 2019-05-17 16:29 - Updated: 2024-11-21 04:20
Severity ?
Summary
Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | scs_discovery_utility | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:scs_discovery_utility:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB6D9B6-DA48-463A-9353-D90C3311BE03",
"versionEndIncluding": "12.0.0.129",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "La service path no indicada en el instalador para Intel(R) SCS Discovery Utility versi\u00f3n 12.0.0.129 y anteriores, puede permitir que un usuario autenticado habilite potencialmente el aumento de privilegios mediante un acceso local."
}
],
"id": "CVE-2019-11093",
"lastModified": "2024-11-21T04:20:31.473",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-17T16:29:03.110",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…