PT-2017-16677 · Intel · Intel Amt
Published
2017-06-14
·
Updated
2024-01-26
·
CVE-2017-5697
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Intel AMT firmware versions prior to 9.1.40.1000
Intel AMT firmware versions prior to 9.5.60.1952
Intel AMT firmware versions prior to 10.0.50.1004
Intel AMT firmware versions prior to 11.0.0.1205
Intel AMT firmware versions prior to 11.6.25.1129
Description
The issue is related to insufficient clickjacking protection in the Web User Interface of Intel AMT firmware. This potentially allows a remote attacker to hijack users' web clicks via an attacker's crafted web page.
Recommendations
For versions prior to 9.1.40.1000, update to version 9.1.40.1000 or later.
For versions prior to 9.5.60.1952, update to version 9.5.60.1952 or later.
For versions prior to 10.0.50.1004, update to version 10.0.50.1004 or later.
For versions prior to 11.0.0.1205, update to version 11.0.0.1205 or later.
For versions prior to 11.6.25.1129, update to version 11.6.25.1129 or later.
Fix
Clickjacking
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Amt