Incorrect Default Permissions
CVE-2018-12160
Summary
DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.
- LOW
- LOCAL
- LOW
- UNCHANGED
- NONE
- LOW
- LOW
- LOW
CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
References
Advisory Timeline
- Published
