7.2

CVE-2022-37341

Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Vendorintel
Product ethernet_network_adapter_xl710-qda1_for_open_compute_project
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Vendorintel
Product ethernet_network_adapter_x710-t4l_for_ocp_3.0
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Vendorintel
Product ethernet_network_adapter_x710-t4l
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Vendorintel
Product ethernet_network_adapter_e810-xxvda2_for_ocp_3.0
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Vendorintel
Product ethernet_network_adapter_e810-xxvda4
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Vendorintel
Product ethernet_network_adapter_e810-2cqda2
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Vendorintel
Product ethernet_network_adapter_xl710-qda2_for_open_compute_project
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Vendorintel
Product ethernet_network_adapter_e810-xxvda2
Default Statusunknown
Version < 29.0.1
Version 0
Status affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.02% 0.029
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
secure@intel.com 7.2 0.8 5.8
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.