CWE-249 is a deprecated classification in the CWE framework. It remains in the catalog for historical hierarchy and CVE traceability.
This entry has been deprecated because of name confusion and an accidental combination of multiple weaknesses. Most of its content has been transferred to CWE-785.
These CVEs are mapped to this weakness in this database and kept for traceability and search.
| CVE | Published | Summary |
|---|---|---|
| CVE-2023-35003 | 2024-02-14 | Path transversal in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-33878 | 2023-11-14 | Path transversal in some Intel(R) NUC P14E Laptop Element Audio Install Package software before version 156 for Windows may allow an authenticated user to potentially enable escalation of privilege vi… |
| CVE-2023-32655 | 2023-11-14 | Path transversal in some Intel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installatio software before version 1.0.10.3 for Windows may allow an authenticated use… |
| CVE-2023-32278 | 2023-11-14 | Path transversal in some Intel(R) NUC Uniwill Service Driver for Intel(R) NUC M15 Laptop Kits - LAPRC510 & LAPRC710 Uniwill Service Driver installation software before version 1.0.1.7 for Intel(R) NUC… |
| CVE-2022-27229 | 2023-11-14 | Path transversal in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of p… |
| CVE-2019-3932 | 2019-04-30 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. A remote, unauthenticated attacker can use th… |
| Date | Name | Version | Importance | Comment |
|---|---|---|---|---|
| 2008-07-01 | Eric Dalci | 1.0 | — | updated Time_of_Introduction |
| 2008-08-01 | — | 1.0 | — | added/updated white box definitions |
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Applicable_Platforms, Relationships, Other_Notes, Taxonomy_Mappings |
| 2009-05-27 | CWE Content Team | 1.4 | — | updated Demonstrative_Examples |
| 2009-07-17 | KDM Analytics | 1.5 | Critical | Described inconsistencies in this entry, which the CWE Content Team had already slated for deprecation. |
| 2009-07-27 | CWE Content Team | 1.5 | — | updated Affected_Resources, Applicable_Platforms, Demonstrative_Examples, Description, Maintenance_Notes, Name, Other_Notes, Potential_Mitigations, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type, White_Box_Definitions |
| 2009-10-29 | CWE Content Team | 1.6 | — | updated Relationships |
| 2021-03-15 | CWE Content Team | 4.4 | — | updated Description, Maintenance_Notes |
| 2022-10-13 | CWE Content Team | 4.9 | — | updated Description |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |