CVE-2019-0135

Published Mar 14, 2019

Last updated 2 years ago

CVSS high 7.8

Overview

Description: Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an authenticated user to potentially enable escalation of privilege via local access. L-SA-00206
Source: secure@intel.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intel:rapid_storage_technology_enterprise:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "901DA51D-7BEA-4DD6-9ADF-B776D2218C47",
            "versionEndExcluding": "5.5.0.2015"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:lenovo:thinkstation_p520_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BA83987-B0E4-4BF8-8379-43B90420AAFD"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:lenovo:thinkstation_p520:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6840BC60-44C3-4EA8-96D3-E93796C15310"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:lenovo:thinkstation_p520c_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6E5525D-2EA6-4226-A6A3-5C1E442720E1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:lenovo:thinkstation_p520c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0431D83D-1AC8-4EDE-8568-8695F8E68C35"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:lenovo:thinkstation_p720_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0530CA83-60EA-422B-B0D1-6193336E0AD3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:lenovo:thinkstation_p720:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A77DF681-F12F-4643-B5E1-1BEDE613E343"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:lenovo:thinkstation_p920_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB0B747D-09A0-4FBE-9984-6FDFD38CAADE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:lenovo:thinkstation_p920:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D47FCAA7-B33F-4F00-85BA-AA8ED4790572"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References