Details of VAR-202208-1489

ID

VAR-202208-1489

CVE

CVE-2022-23403

TITLE

Intel's Intel Data Center Manager Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-015192

DESCRIPTION

Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access. Collects and analyzes real-time health, power and heat of various devices in the data center to help improve efficiency and uptime

Trust: 1.71

sources: NVD: CVE-2022-23403 // JVNDB: JVNDB-2022-015192 // VULHUB: VHN-415331

AFFECTED PRODUCTS

vendor:	intel	model:	data center manager	scope:	lt	version:	4.1	Trust: 1.0
vendor:	インテル	model:	intel data center manager	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel data center manager	scope:	eq	version:	4.1	Trust: 0.8
vendor:	インテル	model:	intel data center manager	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-015192 // NVD: CVE-2022-23403

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-23403
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-23403
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202208-3407
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2022-23403
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2022-23403
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-015192 // CNNVD: CNNVD-202208-3407 // NVD: CVE-2022-23403

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.1
problemtype:	Inappropriate input confirmation (CWE-20) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-415331 // JVNDB: JVNDB-2022-015192 // NVD: CVE-2022-23403

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-3407

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202208-3407

PATCH

title:

Intel Data Center Manager Enter the fix for the verification error vulnerability

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=205104

Trust: 0.6

sources: CNNVD: CNNVD-202208-3407

EXTERNAL IDS

db:	NVD	id:	CVE-2022-23403	Trust: 3.3
db:	JVN	id:	JVNVU99494206	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-015192	Trust: 0.8
db:	CNNVD	id:	CNNVD-202208-3407	Trust: 0.7
db:	AUSCERT	id:	ESB-2022.3942.2	Trust: 0.6
db:	VULHUB	id:	VHN-415331	Trust: 0.1

sources: VULHUB: VHN-415331 // JVNDB: JVNDB-2022-015192 // CNNVD: CNNVD-202208-3407 // NVD: CVE-2022-23403

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00662.html	Trust: 2.5
url:	https://jvn.jp/vu/jvnvu99494206/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-23403	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-23403/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3942.2	Trust: 0.6

sources: VULHUB: VHN-415331 // JVNDB: JVNDB-2022-015192 // CNNVD: CNNVD-202208-3407 // NVD: CVE-2022-23403

SOURCES

db:	VULHUB	id:	VHN-415331
db:	JVNDB	id:	JVNDB-2022-015192
db:	CNNVD	id:	CNNVD-202208-3407
db:	NVD	id:	CVE-2022-23403

LAST UPDATE DATE

2024-08-14T13:12:25.888000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-415331	date:	2022-08-19T00:00:00
db:	JVNDB	id:	JVNDB-2022-015192	date:	2023-09-25T08:46:00
db:	CNNVD	id:	CNNVD-202208-3407	date:	2023-03-28T00:00:00
db:	NVD	id:	CVE-2022-23403	date:	2022-08-19T20:02:26.483

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-415331	date:	2022-08-18T00:00:00
db:	JVNDB	id:	JVNDB-2022-015192	date:	2023-09-25T00:00:00
db:	CNNVD	id:	CNNVD-202208-3407	date:	2022-08-18T00:00:00
db:	NVD	id:	CVE-2022-23403	date:	2022-08-18T20:15:10.557