Vulnerability Description
Reflected XSS in web interface for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an unauthenticated user to potentially enable denial of service via network access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Rapid Storage Technology Enterprise | < 5.5.0.2015 |
| Lenovo | Thinkstation P520 Firmware | - |
| Lenovo | Thinkstation P520 | - |
| Lenovo | Thinkstation P520C Firmware | - |
| Lenovo | Thinkstation P520C | - |
| Lenovo | Thinkstation P720 Firmware | - |
| Lenovo | Thinkstation P720 | - |
| Lenovo | Thinkstation P920 Firmware | - |
| Lenovo | Thinkstation P920 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/108775Broken LinkThird Party AdvisoryVDB Entry
- https://support.lenovo.com/us/en/product_security/LEN-27843Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00226.PatchVendor Advisory
- http://www.securityfocus.com/bid/108775Broken LinkThird Party AdvisoryVDB Entry
- https://support.lenovo.com/us/en/product_security/LEN-27843Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00226.PatchVendor Advisory
FAQ
What is CVE-2019-0130?
CVE-2019-0130 is a vulnerability with a CVSS score of 7.4 (HIGH). Reflected XSS in web interface for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an unauthenticated user to potentially enable denial of service via network...
How severe is CVE-2019-0130?
CVE-2019-0130 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-0130?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Rapid Storage Technology Enterprise, Lenovo Thinkstation P520 Firmware, Lenovo Thinkstation P520, Lenovo Thinkstation P520C Firmware, Lenovo Thinkstation P520C.