Lucene search
IntelCVE-2022-29887HistoryAug 11, 2023 - 3:15 a.m.
CVE-2022-29887
2023-08-1103:15:12
CWE-79
intel
web.nvd.nist.gov
23
cve-2022-29887
cross-site scripting
xss
intel
manageability commander
software
privilege escalation
network access
nvd
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.002
Percentile
55.3%
Cross-site Scripting (XSS) in some Intelยฎ Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Affected configurations
Node
intelmanageability_commanderRange<2.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| intel | manageability_commander | * | cpe:2.3:a:intel:manageability_commander:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "Intel(R) Manageability Commander software",
"versions": [
{
"version": "before version 2.3",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Related
prion
prion
Cross site scripting
2023-08-11 03:15:00
cvelist
cvelist
CVE-2022-29887
2023-08-11 02:37:20
nvd
nvd
CVE-2022-29887
2023-08-11 03:15:12
intel
intel
Intelยฎ Manageability Commander Software Advisory
2023-08-08 00:00:00
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.002
Percentile
55.3%
Related for CVE-2022-29887