Server Debug And Provisioning Tool
CVE-2022-26508
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access.
AnalysisAI
Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access. Affected products include: Intel Server Debug And Provisioning Tool. Version information: version 3.0.0.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
Incorrect default permissions in some Intel(R) SDP Tool software before version 1.4 build 5 may allow an authenticated u
Uncontrolled search path in the Intel(R) SDP Tool for Windows software all version may allow an authenticated user to po
Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may allow an authenticated user
Same weakness CWE-287 – Improper Authentication
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today