7.2

CVE-2022-37341

Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellerintel
Produkt ethernet_network_adapter_xl710-qda1_for_open_compute_project
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Herstellerintel
Produkt ethernet_network_adapter_x710-t4l_for_ocp_3.0
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Herstellerintel
Produkt ethernet_network_adapter_x710-t4l
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Herstellerintel
Produkt ethernet_network_adapter_e810-xxvda2_for_ocp_3.0
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Herstellerintel
Produkt ethernet_network_adapter_e810-xxvda4
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Herstellerintel
Produkt ethernet_network_adapter_e810-2cqda2
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Herstellerintel
Produkt ethernet_network_adapter_xl710-qda2_for_open_compute_project
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Herstellerintel
Produkt ethernet_network_adapter_e810-xxvda2
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.029
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secure@intel.com 7.2 0.8 5.8
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.