PT-2024-7674 · Intel · Intel Raid Web Console
Aobo Wang
·
Published
2024-09-16
·
Updated
2024-10-09
·
CVE-2024-32940
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Intel(R) RAID Web Console software for all versions
Description
The issue is related to improper access control in the Intel(R) RAID Web Console software, which may allow an authenticated user to potentially enable denial of service via adjacent access. This could be exploited by a remote attacker to cause a denial of service.
Recommendations
For all versions, consider restricting access to the Intel(R) RAID Web Console software until a patch is available to prevent potential denial of service attacks. As a temporary workaround, limit the privileges of authenticated users to minimize the risk of exploitation.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Raid Web Console