CVE-2022-21225

CVE Database · CVE-2022-21225

CVE-2022-21225

· HIGHModified

CVSS v3.1

8.0

EPSS

1.46%

Published

Aug 18, 2022

Modified

May 5, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products (1)

intel · data_center_manager (up to 4.1)vulnerable

References (6)

http://packetstormsecurity.com/files/170180/Intel-Data-Center-Manager-4.1-SQL-Injection.html

ExploitThird Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2022/Dec/1

ExploitMailing ListThird Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00662.html

Vendor Advisory

http://packetstormsecurity.com/files/170180/Intel-Data-Center-Manager-4.1-SQL-Injection.html

ExploitThird Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2022/Dec/1

KEV Catalog EPSS Scores Vendors All CVEs