{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-26341", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "state": "PUBLISHED", "assignerShortName": "intel", "requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852", "dateReserved": "2022-04-05T15:11:17.462Z", "datePublished": "2022-11-11T15:47:12.330Z", "dateUpdated": "2025-02-05T20:54:43.309Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2022-11-14T17:45:56.083Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "escalation of privilege"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) AMT SDK, Intel(R) EMA and Intel(R) MC", "versions": [{"version": "See references", "status": "affected"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access."}], "references": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"}}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:03:32.764Z"}, "title": "CVE Program Container", "references": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-522", "lang": "en", "description": "CWE-522 Insufficiently Protected Credentials"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-29T20:41:47.226197Z", "id": "CVE-2022-26341", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-05T20:54:43.309Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:03:32.764Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-26341", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-29T20:41:47.226197Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-522", "description": "CWE-522 Insufficiently Protected Credentials"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-29T20:41:48.595Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) AMT SDK, Intel(R) EMA and Intel(R) MC", "versions": [{"status": "affected", "version": "See references"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html"}], "descriptions": [{"lang": "en", "value": "Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "escalation of privilege"}]}], "providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2022-11-14T17:45:56.083Z"}}}, "cveMetadata": {"cveId": "CVE-2022-26341", "state": "PUBLISHED", "dateUpdated": "2025-02-05T20:54:43.309Z", "dateReserved": "2022-04-05T15:11:17.462Z", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "datePublished": "2022-11-11T15:47:12.330Z", "requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852", "assignerShortName": "intel"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intel:active_management_technology_software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3433FC6-73DB-43F9-AD46-0D6F132ABE17", "versionEndExcluding": "16.0.4.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:endpoint_management_assistant:*:*:*:*:*:*:*:*", "matchCriteriaId": "D2D76812-BCC4-4158-85EE-5B203DCF6ADA", "versionEndExcluding": "1.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:manageability_commander:*:*:*:*:*:*:*:*", "matchCriteriaId": "70907D3C-FD0E-4C12-AA48-C4EC6145F939", "versionEndExcluding": "2.3.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access."}, {"lang": "es", "value": "Credenciales insuficientemente protegidas en el software de Intel(R) AMT SDK anterior a la versi\u00f3n 16.0.4.1, Intel(R) EMA anterior a la versi\u00f3n 1.7.1 e Intel(R) MC anterior a la versi\u00f3n 2.3.2 pueden permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso a la red."}], "id": "CVE-2022-26341", "lastModified": "2025-02-05T21:15:15.053", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.8, "source": "secure@intel.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-11T16:15:12.700", "references": [{"source": "secure@intel.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-522"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}