Intel Data Center Manager 5.1 Local Privilege Escalation
The latest version (5.1) and all prior versions of Intel's Data Center
Manager are vulnerable to a local privileges escalation vulnerability
using the application user dcm used to run the web application and the
rest interface. An attacker who gained remote code execution using this
dcm user (i.e., through Log4j) is then able to escalate their privileges
to root by abusing a weak sudo configuration for the dcm user.
https://packetstormsecurity.com/files/170178/idcm51-escalate.txt
Fri, 09 Dec 2022 14:48:54 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com