CWE-249 在 CWE 架構中為已棄用分類,仍保留於目錄中供歷史層級與 CVE 追溯。
This entry has been deprecated because of name confusion and an accidental combination of multiple weaknesses. Most of its content has been transferred to CWE-785.
下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。
| CVE | 公開時間 | 摘要 |
|---|---|---|
| CVE-2023-35003 | 2024-02-14 | Path transversal in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-33878 | 2023-11-14 | Path transversal in some Intel(R) NUC P14E Laptop Element Audio Install Package software before version 156 for Windows may allow an authenticated user to potentially enable escalation of privilege vi… |
| CVE-2023-32655 | 2023-11-14 | Path transversal in some Intel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installatio software before version 1.0.10.3 for Windows may allow an authenticated use… |
| CVE-2023-32278 | 2023-11-14 | Path transversal in some Intel(R) NUC Uniwill Service Driver for Intel(R) NUC M15 Laptop Kits - LAPRC510 & LAPRC710 Uniwill Service Driver installation software before version 1.0.1.7 for Intel(R) NUC… |
| CVE-2022-27229 | 2023-11-14 | Path transversal in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of p… |
| CVE-2019-3932 | 2019-04-30 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. A remote, unauthenticated attacker can use th… |
| 日期 | 名稱 | 版本 | 重要性 | 評論 |
|---|---|---|---|---|
| 2008-07-01 | Eric Dalci | 1.0 | — | updated Time_of_Introduction |
| 2008-08-01 | — | 1.0 | — | added/updated white box definitions |
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Applicable_Platforms, Relationships, Other_Notes, Taxonomy_Mappings |
| 2009-05-27 | CWE Content Team | 1.4 | — | updated Demonstrative_Examples |
| 2009-07-17 | KDM Analytics | 1.5 | Critical | Described inconsistencies in this entry, which the CWE Content Team had already slated for deprecation. |
| 2009-07-27 | CWE Content Team | 1.5 | — | updated Affected_Resources, Applicable_Platforms, Demonstrative_Examples, Description, Maintenance_Notes, Name, Other_Notes, Potential_Mitigations, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type, White_Box_Definitions |
| 2009-10-29 | CWE Content Team | 1.6 | — | updated Relationships |
| 2021-03-15 | CWE Content Team | 4.4 | — | updated Description, Maintenance_Notes |
| 2022-10-13 | CWE Content Team | 4.9 | — | updated Description |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |