Published: 2020-11-12
Risk
Low
Patch available
YES
Number of vulnerabilities
1
CVE ID
CVE-2020-12331
CWE ID
CWE-284
Exploitation vector
Local
Public exploit
N/A
Vulnerable softwareSubscribe
Intel Unite Cloud ServiceHardware solutions / Firmware
Vendor
Intel
Security Advisory
This security advisory describes one low risk vulnerability.
1) Improper access control
Risk: Low
CVSSv3: 5.8 [CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]
CVE-ID: CVE-2020-12331
CWE-ID: CWE-284 - Improper Access Control
Exploit availability: No
Description
The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A local user can bypass implemented security restrictions and gain elevated privileges on the target system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Intel Unite Cloud Service:
CPE
External links
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00418.html
< ..
Support the originator by clicking the read the rest link below.