Privilege escalation in Intel RAID Web Console

Published: 2018-11-26 | Updated: 2018-12-24

Risk	Low
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2018-3699 CVE-2018-3696
CWE-ID	CWE-79 CWE-592
Exploitation vector	Local network
Public exploit	N/A
Vulnerable software Subscribe	RAID Web Console 3 Universal components / Libraries / Software for developers
Vendor	Intel

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Cross-site scripting

EUVDB-ID: #VU16058

Risk: Low

CVSSv3.1: 4.5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-3699

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows an adjacent attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. An adjacent attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability results in privilege escalation.

Mitigation

Update to version 4.186.

Vulnerable software versions

RAID Web Console 3: before 4.186

External links

http://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00199.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Authentication bypass

EUVDB-ID: #VU16668

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-3696

CWE-ID: CWE-592 - Authentication Bypass Issues