ID

VAR-202111-1087


CVE

CVE-2021-0013


TITLE

Intel(R) EMA  Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-015265

DESCRIPTION

Improper input validation for Intel(R) EMA before version 1.5.0 may allow an unauthenticated user to potentially enable denial of service via network access. Intel(R) EMA There is an input validation vulnerability in.Service operation interruption (DoS) It may be in a state. Intel Endpoint Management Assistant (Intel EMA) is a management software developed by Intel Corporation for managing remote devices. The software provides security and convenience for telecommuting

Trust: 1.71

sources: NVD: CVE-2021-0013 // JVNDB: JVNDB-2021-015265 // VULHUB: VHN-371582

AFFECTED PRODUCTS

vendor:intelmodel:endpoint management assistantscope:ltversion:1.5.0

Trust: 1.0

vendor:インテルmodel:intel endpoint management assistantscope:eqversion: -

Trust: 0.8

vendor:インテルmodel:intel endpoint management assistantscope:eqversion:1.5.0

Trust: 0.8

sources: JVNDB: JVNDB-2021-015265 // NVD: CVE-2021-0013

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-0013
value: HIGH

Trust: 1.0

NVD: CVE-2021-0013
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202111-929
value: HIGH

Trust: 0.6

VULHUB: VHN-371582
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-0013
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-371582
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-0013
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2021-0013
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-371582 // JVNDB: JVNDB-2021-015265 // CNNVD: CNNVD-202111-929 // NVD: CVE-2021-0013

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.1

problemtype:Inappropriate input confirmation (CWE-20) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-371582 // JVNDB: JVNDB-2021-015265 // NVD: CVE-2021-0013

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202111-929

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202111-929

PATCH

title:INTEL-SA-00482url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00482.html

Trust: 0.8

title:Intel Endpoint Management Assistant Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=170640

Trust: 0.6

sources: JVNDB: JVNDB-2021-015265 // CNNVD: CNNVD-202111-929

EXTERNAL IDS

db:NVDid:CVE-2021-0013

Trust: 3.3

db:JVNid:JVNVU91196719

Trust: 0.8

db:JVNDBid:JVNDB-2021-015265

Trust: 0.8

db:CNNVDid:CNNVD-202111-929

Trust: 0.7

db:AUSCERTid:ESB-2021.3726

Trust: 0.6

db:VULHUBid:VHN-371582

Trust: 0.1

sources: VULHUB: VHN-371582 // JVNDB: JVNDB-2021-015265 // CNNVD: CNNVD-202111-929 // NVD: CVE-2021-0013

REFERENCES

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00482.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-0013

Trust: 1.4

url:https://jvn.jp/vu/jvnvu91196719/

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2021.3726

Trust: 0.6

sources: VULHUB: VHN-371582 // JVNDB: JVNDB-2021-015265 // CNNVD: CNNVD-202111-929 // NVD: CVE-2021-0013

SOURCES

db:VULHUBid:VHN-371582
db:JVNDBid:JVNDB-2021-015265
db:CNNVDid:CNNVD-202111-929
db:NVDid:CVE-2021-0013

LAST UPDATE DATE

2024-08-14T12:40:15.951000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-371582date:2021-11-19T00:00:00
db:JVNDBid:JVNDB-2021-015265date:2022-11-15T01:53:00
db:CNNVDid:CNNVD-202111-929date:2021-11-23T00:00:00
db:NVDid:CVE-2021-0013date:2021-11-19T18:27:41.320

SOURCES RELEASE DATE

db:VULHUBid:VHN-371582date:2021-11-17T00:00:00
db:JVNDBid:JVNDB-2021-015265date:2022-11-15T00:00:00
db:CNNVDid:CNNVD-202111-929date:2021-11-10T00:00:00
db:NVDid:CVE-2021-0013date:2021-11-17T20:15:08.503