Intel ID: INTEL-SA-00171
Advisory Category: Software
Impact of vulnerability: Information Disclosure
Severity rating: MEDIUM
Original release: 10/09/2018
Last revised: 10/09/2018


A potential security vulnerability in the Intel® Raid Web Server 3 may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2018-12161

Description: Insufficient session validation in the webserver component of the Intel(R) Rapid Web Server 3 may allow an unauthenticated user to potentially disclose information via network access.

CVSS Base Score: 5.3 Medium


Affected Products:

Intel® RAID Web Console for Windows version 3 and before.


Intel recommends that users of Intel® RAID Web Console for Windows update to version 4.186 or later.

Updates are available for download at this location:


Intel would like to thank Trotmaster for reporting this issue and working with us on coordinated disclosure.

Revision History

Revision Date Description
1.0 10/09/2018 Initial Release

Source: INTEL-SA-00171