[email protected]CVE-2017-5689

HistoryMay 02, 2017 - 2:59 p.m.

CVE-2017-5689

2017-05-0214:59:00

[email protected]

web.nvd.nist.gov

1000

In Wild

cve-2017-5689

intel

active management technology

amt

standard manageability

ism

small business technology

sbt

security vulnerability

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

Low

0.974 High

EPSS

Percentile

99.9%

JSON

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).

Affected configurations

NVD

Node

intelactive_management_technology_firmwareMatch6.0

intelactive_management_technology_firmwareMatch6.1

intelactive_management_technology_firmwareMatch6.2

intelactive_management_technology_firmwareMatch7.0

intelactive_management_technology_firmwareMatch7.1

intelactive_management_technology_firmwareMatch8.0

intelactive_management_technology_firmwareMatch8.1

intelactive_management_technology_firmwareMatch9.0

intelactive_management_technology_firmwareMatch9.1

intelactive_management_technology_firmwareMatch9.5

intelactive_management_technology_firmwareMatch10.0

intelactive_management_technology_firmwareMatch11.0

intelactive_management_technology_firmwareMatch11.5

intelactive_management_technology_firmwareMatch11.6

CPENameOperatorVersion
intel:active_management_technology_firmwareintel active management technology firmwareeq6.0
intel:active_management_technology_firmwareintel active management technology firmwareeq6.1
intel:active_management_technology_firmwareintel active management technology firmwareeq6.2
intel:active_management_technology_firmwareintel active management technology firmwareeq7.0
intel:active_management_technology_firmwareintel active management technology firmwareeq7.1
intel:active_management_technology_firmwareintel active management technology firmwareeq8.0
intel:active_management_technology_firmwareintel active management technology firmwareeq8.1
intel:active_management_technology_firmwareintel active management technology firmwareeq9.0
intel:active_management_technology_firmwareintel active management technology firmwareeq9.1
intel:active_management_technology_firmwareintel active management technology firmwareeq9.5

CPE	Name	Operator	Version
intel:active_management_technology_firmware	intel active management technology firmware	eq	6.0
intel:active_management_technology_firmware	intel active management technology firmware	eq	6.1
intel:active_management_technology_firmware	intel active management technology firmware	eq	6.2
intel:active_management_technology_firmware	intel active management technology firmware	eq	7.0
intel:active_management_technology_firmware	intel active management technology firmware	eq	7.1
intel:active_management_technology_firmware	intel active management technology firmware	eq	8.0
intel:active_management_technology_firmware	intel active management technology firmware	eq	8.1
intel:active_management_technology_firmware	intel active management technology firmware	eq	9.0
intel:active_management_technology_firmware	intel active management technology firmware	eq	9.1
intel:active_management_technology_firmware	intel active management technology firmware	eq	9.5

Rows per page:

1-10 of 141

CNA Affected

[
  {
    "product": "Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Manageability",
    "vendor": "Intel Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "fixed in versions 6.2.61.3535, 7.1.91.3272, 8.1.71.3608, 9.1.41.3024, 10.0.55.3000, 11.0.25.3001, and 11.6.27.3264 and later"
      }
    ]
  }
]