Sign-up

ID

VAR-202208-1512


CVE

CVE-2022-21225


TITLE

Intel's  Intel Data Center Manager  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-015201

DESCRIPTION

Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Intel's Intel Data Center Manager Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Intel Data Center Manager is a software solution of Intel Corporation. Collects and analyzes real-time health, power and heat of various devices in the data center to help improve efficiency and uptime

Trust: 1.71

sources: NVD: CVE-2022-21225 // JVNDB: JVNDB-2022-015201 // VULHUB: VHN-415328

AFFECTED PRODUCTS

vendor:intelmodel:data center managerscope:ltversion:4.1

Trust: 1.0

vendor:インテルmodel:intel data center managerscope: - version: -

Trust: 0.8

vendor:インテルmodel:intel data center managerscope:eqversion:4.1

Trust: 0.8

vendor:インテルmodel:intel data center managerscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-015201 // NVD: CVE-2022-21225

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-21225
value: HIGH

Trust: 1.0

NVD: CVE-2022-21225
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202208-3410
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-21225
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.1
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-21225
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-015201 // CNNVD: CNNVD-202208-3410 // NVD: CVE-2022-21225

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

problemtype:CWE-863

Trust: 0.1

sources: VULHUB: VHN-415328 // JVNDB: JVNDB-2022-015201 // NVD: CVE-2022-21225

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202208-3410

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-3410

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-415328

PATCH
title:Intel Data Center Manager Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=205107
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202208-3410

EXTERNAL IDS
db:NVDid:CVE-2022-21225
Trust: 3.3
db:PACKETSTORMid:170180
Trust: 2.5
db:JVNid:JVNVU99494206
Trust: 0.8
db:JVNDBid:JVNDB-2022-015201
Trust: 0.8
db:CNNVDid:CNNVD-202208-3410
Trust: 0.7
db:CXSECURITYid:WLB-2022120022
Trust: 0.6
db:AUSCERTid:ESB-2022.3942.2
Trust: 0.6
db:VULHUBid:VHN-415328
Trust: 0.1
sources:
            
            
            VULHUB: VHN-415328 // 
            
            
            
            JVNDB: JVNDB-2022-015201 // 
            
            
            
            CNNVD: CNNVD-202208-3410 // 
            
            
            
            NVD: CVE-2022-21225

REFERENCES
url:http://seclists.org/fulldisclosure/2022/dec/1
Trust: 2.5
url:http://packetstormsecurity.com/files/170180/intel-data-center-manager-4.1-sql-injection.html
Trust: 2.5
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00662.html
Trust: 2.5
url:https://jvn.jp/vu/jvnvu99494206/
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2022-21225
Trust: 0.8
url:https://www.auscert.org.au/bulletins/esb-2022.3942.2
Trust: 0.6
url:https://cxsecurity.com/cveshow/cve-2022-21225/
Trust: 0.6
url:https://cxsecurity.com/issue/wlb-2022120022
Trust: 0.6
sources:
            
            
            VULHUB: VHN-415328 // 
            
            
            
            JVNDB: JVNDB-2022-015201 // 
            
            
            
            CNNVD: CNNVD-202208-3410 // 
            
            
            
            NVD: CVE-2022-21225

CREDITS
Julien Ahrens
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202208-3410

SOURCES
db:VULHUBid:VHN-415328
db:JVNDBid:JVNDB-2022-015201
db:CNNVDid:CNNVD-202208-3410
db:NVDid:CVE-2022-21225

LAST UPDATE DATE
2024-08-14T12:20:35.524000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-415328date:2023-01-30T00:00:00
db:JVNDBid:JVNDB-2022-015201date:2023-09-25T08:46:00
db:CNNVDid:CNNVD-202208-3410date:2023-03-28T00:00:00
db:NVDid:CVE-2022-21225date:2023-01-30T19:26:17.737

SOURCES RELEASE DATE
db:VULHUBid:VHN-415328date:2022-08-18T00:00:00
db:JVNDBid:JVNDB-2022-015201date:2023-09-25T00:00:00
db:CNNVDid:CNNVD-202208-3410date:2022-08-18T00:00:00
db:NVDid:CVE-2022-21225date:2022-08-18T20:15:10.170