CVE-2022-33942

Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.1 / Impact : 6.0

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html	Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:intel:data_center_manager:*:*:*:*:*:*:*:*

History

05 Feb 2025, 21:15

Type	Values Removed	Values Added
CWE		CWE-693

21 Nov 2024, 07:08

Type	Values Removed	Values Added
References	~~() https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html - Vendor Advisory~~	() https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html - Vendor Advisory

Information

Published : 2022-11-11 16:15

Updated : 2025-02-05 21:15

NVD link : CVE-2022-33942

Mitre link : CVE-2022-33942

CVE.ORG link : CVE-2022-33942

JSON object : View

Products Affected

intel

data_center_manager

CWE

NVD-CWE-Other CWE-693

Protection Mechanism Failure

{"id": "CVE-2022-33942", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secure@intel.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2022-11-11T16:15:15.097", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html", "tags": ["Vendor Advisory"], "source": "secure@intel.com"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-693"}]}], "descriptions": [{"lang": "en", "value": "Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access."}, {"lang": "es", "value": "La falla del mecanismo de protecci\u00f3n en el software Intel(R) DCM anterior a la versi\u00f3n 5.0 puede permitir que un usuario no autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso adyacente."}], "lastModified": "2025-02-05T21:15:18.953", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intel:data_center_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17F290FC-EC2A-4E64-9E66-5BC9857E55ED", "versionEndExcluding": "5.0"}], "operator": "OR"}]}], "sourceIdentifier": "secure@intel.com"}