2018-11-13 11:04:59 -05:00
{
2019-05-17 16:00:54 +00:00
"data_type" : "CVE" ,
"data_format" : "MITRE" ,
"data_version" : "4.0" ,
2019-03-18 01:54:16 +00:00
"CVE_data_meta" : {
"ID" : "CVE-2019-0086" ,
2019-05-17 16:00:54 +00:00
"ASSIGNER" : "secure@intel.com" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "n/a" ,
"product" : {
"product_data" : [
{
"product_name" : "Intel(R) Converged Security & Management Engine (CSME) Dynamic Application Loader, Intel (R) Trusted Execution Engine Interface (TXE)" ,
"version" : {
"version_data" : [
{
"version_value" : "Versions before CSME 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15."
}
]
}
}
]
}
}
]
}
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "Escalation of Privilege"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"refsource" : "MISC" ,
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" ,
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
2019-06-20 17:00:45 +00:00
} ,
{
"refsource" : "CONFIRM" ,
"name" : "https://support.f5.com/csp/article/K35815741" ,
"url" : "https://support.f5.com/csp/article/K35815741"
2019-05-17 16:00:54 +00:00
}
]
2019-03-18 01:54:16 +00:00
} ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
2019-05-17 16:00:54 +00:00
"value" : "Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access."
2019-03-18 01:54:16 +00:00
}
]
}
}
