Sign-up

ID

VAR-202205-0823


CVE

CVE-2021-0126


TITLE

Intel's  manageability commander  Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-009505

DESCRIPTION

Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Intel's manageability commander There is an input validation vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2021-0126 // JVNDB: JVNDB-2022-009505 // VULHUB: VHN-371695 // VULMON: CVE-2021-0126

AFFECTED PRODUCTS

vendor:intelmodel:manageability commanderscope:ltversion:2.2

Trust: 1.0

vendor:インテルmodel:manageability commanderscope: - version: -

Trust: 0.8

vendor:インテルmodel:manageability commanderscope:eqversion:2.2

Trust: 0.8

vendor:インテルmodel:manageability commanderscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-009505 // NVD: CVE-2021-0126

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-0126
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2021-0126
value: HIGH

Trust: 1.0

NVD: CVE-2021-0126
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202205-2917
value: HIGH

Trust: 0.6

VULHUB: VHN-371695
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-0126
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-0126
severity: MEDIUM
baseScore: 5.2
vectorString: AV:A/AC:L/AU:S/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 5.1
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-371695
severity: MEDIUM
baseScore: 5.2
vectorString: AV:A/AC:L/AU:S/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 5.1
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-0126
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.1
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2021-0126
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-371695 // VULMON: CVE-2021-0126 // JVNDB: JVNDB-2022-009505 // CNNVD: CNNVD-202205-2917 // NVD: CVE-2021-0126 // NVD: CVE-2021-0126

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.1

problemtype:Inappropriate input confirmation (CWE-20) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-371695 // JVNDB: JVNDB-2022-009505 // NVD: CVE-2021-0126

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202205-2917

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202205-2917

PATCH

title:Intel Manageability Commander Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192457

Trust: 0.6

sources: CNNVD: CNNVD-202205-2917

EXTERNAL IDS

db:NVDid:CVE-2021-0126

Trust: 3.4

db:JVNid:JVNVU93344744

Trust: 0.8

db:JVNDBid:JVNDB-2022-009505

Trust: 0.8

db:AUSCERTid:ESB-2022.2268

Trust: 0.6

db:CS-HELPid:SB2022051171

Trust: 0.6

db:CNNVDid:CNNVD-202205-2917

Trust: 0.6

db:VULHUBid:VHN-371695

Trust: 0.1

db:VULMONid:CVE-2021-0126

Trust: 0.1

sources: VULHUB: VHN-371695 // VULMON: CVE-2021-0126 // JVNDB: JVNDB-2022-009505 // CNNVD: CNNVD-202205-2917 // NVD: CVE-2021-0126

REFERENCES

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00519.html

Trust: 2.6

url:https://jvn.jp/vu/jvnvu93344744/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-0126

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2021-0126/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022051171

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2268

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-371695 // VULMON: CVE-2021-0126 // JVNDB: JVNDB-2022-009505 // CNNVD: CNNVD-202205-2917 // NVD: CVE-2021-0126

SOURCES

db:VULHUBid:VHN-371695
db:VULMONid:CVE-2021-0126
db:JVNDBid:JVNDB-2022-009505
db:CNNVDid:CNNVD-202205-2917
db:NVDid:CVE-2021-0126

LAST UPDATE DATE

2025-05-07T19:41:17.626000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-371695date:2022-05-21T00:00:00
db:VULMONid:CVE-2021-0126date:2022-05-21T00:00:00
db:JVNDBid:JVNDB-2022-009505date:2023-08-04T08:30:00
db:CNNVDid:CNNVD-202205-2917date:2022-05-23T00:00:00
db:NVDid:CVE-2021-0126date:2025-05-05T17:16:42.547

SOURCES RELEASE DATE

db:VULHUBid:VHN-371695date:2022-05-12T00:00:00
db:VULMONid:CVE-2021-0126date:2022-05-12T00:00:00
db:JVNDBid:JVNDB-2022-009505date:2023-08-04T00:00:00
db:CNNVDid:CNNVD-202205-2917date:2022-05-11T00:00:00
db:NVDid:CVE-2021-0126date:2022-05-12T17:15:08.373