CVE-2019-0130
HIGHIntel Rapid Storage Technology Enterprise < 5.5.0.2015 - Unauthenticated Reflected Cross-Site Scripting
Title source: llmDescription
Reflected XSS in web interface for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an unauthenticated user to potentially enable denial of service via network access.
References (3)
Core 3
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00226.html
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/108775
Third Party Advisory x_refsource_confirm
https://support.lenovo.com/us/en/product_security/LEN-27843
Scores
CVSS v3
7.4
EPSS
0.0085
EPSS Percentile
75.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
Details
CWE
CWE-79
Status
published
Products (5)
intel/rapid_storage_technology_enterprise
< 5.5.0.2015
lenovo/thinkstation_p520_firmware
lenovo/thinkstation_p520c_firmware
lenovo/thinkstation_p720_firmware
lenovo/thinkstation_p920_firmware
Published
Jun 13, 2019
Tracked Since
Feb 18, 2026