#VU17789 Improper authentication in Data Center Manager SDK - CVE-2019-0102
Published: February 20, 2019
Vulnerability identifier: #VU17789
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-0102
CWE-ID: CWE-287
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
Data Center Manager SDK
Data Center Manager SDK
Software vendor:
Intel
Intel
Description
The vulnerability allows an adjacent unauthenticated attacker to gain elevated privileges on the target system.
The weakness exists due to insufficient session authentication in web server for Intel(R) Data Center Manager SDK. An adjacent attacker can gain elevated privileges.
The weakness exists due to insufficient session authentication in web server for Intel(R) Data Center Manager SDK. An adjacent attacker can gain elevated privileges.
Remediation
Update to version 5.0.2.