CVE-2022-29887

8.1 HIGH

📋 TL;DR

This cross-site scripting (XSS) vulnerability in Intel Manageability Commander software allows unauthenticated attackers to inject malicious scripts via network access. Successful exploitation could enable privilege escalation on affected systems. Organizations using Intel Manageability Commander versions before 2.3 are affected.

💻 Affected Systems

Products:
  • Intel Manageability Commander
Versions: All versions before 2.3
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: The software must be network-accessible for exploitation. Default installations are vulnerable.

📦 What is this software?

Intel Manageability Commander is a Windows console application from Intel used to connect to and manage systems that have Intel Active Management Technology (AMT) enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker could execute arbitrary code with elevated privileges, potentially gaining full control of the management system and managed devices.

🟠 Likely Case

Attackers could steal session cookies, perform actions as authenticated users, or redirect users to malicious sites.

🟢 If Mitigated

With proper input validation and output encoding, the XSS payloads would be neutralized before execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

XSS vulnerabilities typically have low exploitation complexity, especially when unauthenticated access is possible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.3 or later

Vendor Advisory: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00893.html

Restart Required: Yes

Instructions:

1. Download Intel Manageability Commander version 2.3 or later from Intel's official website.
2. Uninstall the previous version.
3. Install the updated version.
4. Restart the system.

🔧 Temporary Workarounds

Network Segmentation (applies to: all)

Restrict network access to Intel Manageability Commander to trusted internal networks only.

Web Application Firewall (applies to: all)

Deploy a WAF with XSS protection rules to filter malicious input.

🧯 If You Can't Patch

  • Isolate the Intel Manageability Commander system from untrusted networks
  • Implement strict input validation and output encoding at the application layer

🔍 How to Verify

Check if Vulnerable:

Check the installed version of Intel Manageability Commander via Control Panel > Programs and Features (Windows), or by running the software and opening the About section.

Check Version:

No command-line version check is documented; check via the GUI or the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Intel\Manageability Commander.

Verify Fix Applied:

Verify the installed version is 2.3 or higher, and test XSS payloads against the interface to confirm they are properly sanitized.
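The version check above can be scripted for fleet-wide verification. The following PowerShell is an added example, not part of this advisory or Intel's tooling: it reads the same uninstall registry keys that Programs and Features displays, matches the product by display name (the substring "Manageability Commander" is an assumption about the registered name), compares the reported version against 2.3, and additionally reports whether the vendor registry key named above exists.

```powershell
# Added example: verify whether an installed Intel Manageability Commander
# is older than the fixed release 2.3. Not vendor code; the product name
# pattern and the output labels are assumptions made for this example.

function Test-ManageabilityCommanderVersion {
    [CmdletBinding()]
    param(
        [version]$FixedVersion = [version]'2.3',
        # Assumed DisplayName substring under the Uninstall keys.
        [string]$ProductPattern = '*Manageability Commander*'
    )

    # Registry locations that Programs and Features enumerates (64-bit, 32-bit, per-user).
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )

    $installed = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like $ProductPattern } |
        Select-Object DisplayName, DisplayVersion, InstallLocation

    # Vendor key named in the advisory; existence alone is only a supporting indicator.
    $vendorKey = 'HKLM:\SOFTWARE\Intel\Manageability Commander'
    $vendorKeyPresent = Test-Path -Path $vendorKey

    if (-not $installed) {
        [pscustomobject]@{
            Product          = 'Intel Manageability Commander'
            Version          = $null
            Status           = 'NOT_INSTALLED'
            VendorKeyPresent = $vendorKeyPresent
        }
        return
    }

    foreach ($app in $installed) {
        $parsed = $null
        $status = 'UNKNOWN'   # version string not parseable; confirm via the About dialog
        if ([version]::TryParse($app.DisplayVersion, [ref]$parsed)) {
            # Versions below 2.3 are affected; 2.3 and later contain the fix.
            $status = if ($parsed -lt $FixedVersion) { 'VULNERABLE' } else { 'FIXED' }
        }
        [pscustomobject]@{
            Product          = $app.DisplayName
            Version          = $app.DisplayVersion
            Status           = $status
            VendorKeyPresent = $vendorKeyPresent
        }
    }
}

# Usage: run on each host and collect the objects, e.g. via Invoke-Command.
Test-ManageabilityCommanderVersion | Format-Table -AutoSize
```

A `Status` of `UNKNOWN` means the registry reported a version string that does not parse (or is missing), so the host needs a manual check of the About dialog rather than being assumed fixed. A missing vendor key with an installed product is not a sign of the fix; it only means the product registered elsewhere.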

📡 Detection & Monitoring

Log Indicators:

  • Unusual HTTP requests containing script tags or JavaScript payloads
  • Multiple failed authentication attempts followed by successful access

Network Indicators:

  • HTTP requests with suspicious parameters containing script elements
  • Traffic to Intel Manageability Commander from unexpected sources

SIEM Query:

source="intel_manageability" AND (http_request CONTAINS "<script>" OR http_request CONTAINS "javascript:")
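The SIEM query above only matches literal `<script>` and `javascript:` strings. The following PowerShell is an added example, not part of this advisory: it applies the same two indicators to web-server request lines, but first percent-decodes the request so that URL-encoded payloads are also caught. The log lines are constructed for the example and the field layout (a space-separated request URI) is an assumption.

```powershell
# Added example: scan request log lines for the two indicators named in the
# SIEM query (script tags, javascript: URLs), after percent-decoding.
# The sample lines are constructed; the field layout is an assumption.

function Find-XssIndicator {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string[]]$LogLine
    )

    # Case-insensitive; tolerates whitespace inside the tag and before the colon.
    $indicator = [regex]'(?i)<\s*script|javascript\s*:'

    foreach ($line in $LogLine) {
        # Decode once so %3Cscript%3E and javascript%3A are visible to the pattern.
        # A second decode would be needed for double-encoded input; not done here.
        $decoded = [System.Uri]::UnescapeDataString($line)
        $match = $indicator.Match($decoded)
        if ($match.Success) {
            [pscustomobject]@{
                Indicator = $match.Value
                Encoded   = ($line -ne $decoded)
                Line      = $line
            }
        }
    }
}

# Constructed sample lines (IIS-style: date time client method uri status).
$sampleLines = @(
    '2024-01-01 10:00:01 10.0.0.5 GET /index.html 200',
    '2024-01-01 10:00:02 10.0.0.9 GET /search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E 200',
    '2024-01-01 10:00:03 10.0.0.9 GET /redirect?url=javascript%3Aalert(1) 302',
    '2024-01-01 10:00:04 10.0.0.7 GET /devices?name=<script>x</script> 200'
)

# Usage: expect three hits, two of them flagged as percent-encoded.
Find-XssIndicator -LogLine $sampleLines | Format-Table -AutoSize
```

Treat a hit as a lead rather than a verdict: legitimate traffic rarely carries these strings in a request URI, but the indicator covers only the two patterns the query names, so complementary sources (WAF block events, unexpected client addresses as listed under Network Indicators) still matter.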
