CVE-2018-3699: XSS
First published: Wed Nov 14 2018(Updated: )
Cross-site scripting in the Intel RAID Web Console v3 for Windows may allow an unauthenticated user to elevate privilege via remote access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Raid Web Console 3 | <4.186 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this cross-site scripting vulnerability?
The vulnerability ID for this cross-site scripting vulnerability is CVE-2018-3699.
What is the affected software?
The affected software is Intel RAID Web Console v3 for Windows.
How can an unauthenticated user exploit this vulnerability?
An unauthenticated user can exploit this vulnerability by accessing the Intel RAID Web Console remotely.
What is the severity of this vulnerability?
The severity of this vulnerability is medium with a CVSS score of 6.1.
How can I fix this cross-site scripting vulnerability in Intel RAID Web Console v3 for Windows?
To fix this cross-site scripting vulnerability, update the Intel RAID Web Console to version 4.186 or higher.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/tags
- agent/softwarecombine
- agent/event
- agent/description
- agent/first-publish-date
- vendor/intel
- canonical/intel raid web console 3