CVE-2024-28170

Name of the Vulnerable Software and Affected Versions Intel(R) RAID Web Console all versions

Description The issue is related to improper access control in the Intel(R) RAID Web Console, which may allow an authenticated user to potentially enable information disclosure via local access. This could permit an attacker to disclose protected information.

Recommendations For all versions of Intel(R) RAID Web Console, consider restricting local access to the console until a fix is available. As a temporary workaround, limit the privileges of authenticated users to minimize the risk of information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.