Improper authentication in Data Center Manager SDK - CVE-2019-0102
Published: February 20, 2019
Vulnerability identifier: #VU17789
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-0102
CWE-ID: CWE-287
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
Data Center Manager SDK
Data Center Manager SDK
Detailed vulnerability description
The vulnerability allows an adjacent unauthenticated attacker to gain elevated privileges on the target system.
The weakness exists due to insufficient session authentication in web server for Intel(R) Data Center Manager SDK. An adjacent attacker can gain elevated privileges.
The weakness exists due to insufficient session authentication in web server for Intel(R) Data Center Manager SDK. An adjacent attacker can gain elevated privileges.
How to mitigate CVE-2019-0102
Update to version 5.0.2.