Description
Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may allow an unauthenticated user to potentially enable escalation of privilege via network access.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/108780
Scores
CVSS v3
9.8
EPSS
0.0049
EPSS Percentile
65.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
intel/raid_web_console_3
< 4.186
Published
Jun 13, 2019
Tracked Since
Feb 18, 2026