CVE-2019-11119

EUVD-2019-2823
Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may allow an unauthenticated user to potentially enable escalation of privilege via network access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
Affected Products (NVD)
VendorProductVersion
intelraid_web_console_3
𝑥
≤ 4.186
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/108780
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html
http://www.securityfocus.com/bid/108780
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html