Details of VAR-202111-1087

ID

VAR-202111-1087

CVE

CVE-2021-0013

TITLE

Intel(R) EMA Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-015265

DESCRIPTION

Improper input validation for Intel(R) EMA before version 1.5.0 may allow an unauthenticated user to potentially enable denial of service via network access. Intel(R) EMA There is an input validation vulnerability in.Service operation interruption (DoS) It may be in a state. Intel Endpoint Management Assistant (Intel EMA) is a management software developed by Intel Corporation for managing remote devices. The software provides security and convenience for telecommuting

Trust: 1.71

sources: NVD: CVE-2021-0013 // JVNDB: JVNDB-2021-015265 // VULHUB: VHN-371582

AFFECTED PRODUCTS

vendor:	intel	model:	endpoint management assistant	scope:	lt	version:	1.5.0	Trust: 1.0
vendor:	インテル	model:	intel endpoint management assistant	scope:	eq	version:	-	Trust: 0.8
vendor:	インテル	model:	intel endpoint management assistant	scope:	eq	version:	1.5.0	Trust: 0.8

sources: JVNDB: JVNDB-2021-015265 // NVD: CVE-2021-0013

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-0013
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-0013
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202111-929
value:	HIGH
Trust: 0.6
VULHUB:	VHN-371582
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-0013
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-371582
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-0013
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2021-0013
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-371582 // JVNDB: JVNDB-2021-015265 // CNNVD: CNNVD-202111-929 // NVD: CVE-2021-0013

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.1
problemtype:	Inappropriate input confirmation (CWE-20) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-371582 // JVNDB: JVNDB-2021-015265 // NVD: CVE-2021-0013

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202111-929

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202111-929

PATCH

title:	INTEL-SA-00482	url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00482.html	Trust: 0.8
title:	Intel Endpoint Management Assistant Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=170640	Trust: 0.6

sources: JVNDB: JVNDB-2021-015265 // CNNVD: CNNVD-202111-929

EXTERNAL IDS

db:	NVD	id:	CVE-2021-0013	Trust: 3.3
db:	JVN	id:	JVNVU91196719	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-015265	Trust: 0.8
db:	CNNVD	id:	CNNVD-202111-929	Trust: 0.7
db:	AUSCERT	id:	ESB-2021.3726	Trust: 0.6
db:	VULHUB	id:	VHN-371582	Trust: 0.1

sources: VULHUB: VHN-371582 // JVNDB: JVNDB-2021-015265 // CNNVD: CNNVD-202111-929 // NVD: CVE-2021-0013

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00482.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-0013	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu91196719/	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2021.3726	Trust: 0.6

sources: VULHUB: VHN-371582 // JVNDB: JVNDB-2021-015265 // CNNVD: CNNVD-202111-929 // NVD: CVE-2021-0013

SOURCES

db:	VULHUB	id:	VHN-371582
db:	JVNDB	id:	JVNDB-2021-015265
db:	CNNVD	id:	CNNVD-202111-929
db:	NVD	id:	CVE-2021-0013

LAST UPDATE DATE

2024-08-14T12:40:15.951000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-371582	date:	2021-11-19T00:00:00
db:	JVNDB	id:	JVNDB-2021-015265	date:	2022-11-15T01:53:00
db:	CNNVD	id:	CNNVD-202111-929	date:	2021-11-23T00:00:00
db:	NVD	id:	CVE-2021-0013	date:	2021-11-19T18:27:41.320

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-371582	date:	2021-11-17T00:00:00
db:	JVNDB	id:	JVNDB-2021-015265	date:	2022-11-15T00:00:00
db:	CNNVD	id:	CNNVD-202111-929	date:	2021-11-10T00:00:00
db:	NVD	id:	CVE-2021-0013	date:	2021-11-17T20:15:08.503