CVE-2019-11119

CVE Database · CVE-2019-11119

CVE-2019-11119

· CRITICALModified

CVSS v3.1

9.8

EPSS

2.00%

Published

Jun 13, 2019

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products (1)

intel · raid_web_console_3vulnerable

References (4)

http://www.securityfocus.com/bid/108780

Broken LinkThird Party AdvisoryVDB Entry

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html

PatchVendor Advisory

http://www.securityfocus.com/bid/108780

Broken LinkThird Party AdvisoryVDB Entry

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs