Lenovo Security Advisory: LEN-14005
Potential Impact: Information Disclosure
Severity: Medium
**Scope of Impact:**Industry-Wide
**CVE Identifier:**CVE-2017-5697
Summary Description:
Insufficient clickjacking protection in the Web User Interface of Intel® AMT firmware versions before 9.1.40.100, 9.5.60.1952, 10.0.0.50.1004 and 11.0.0.1205 allow a remote attacker to hijack users’ web clicks by concealing hyperlinks beneath legitimate clickable content via an attacker’s crafted web page.
Mitigation Strategy for Customers (what you should do to protect yourself):
Update AMT firmware to the latest level available for your system.
Product Impact:
Intel AMT firmware versions before 9.1.40.100, 9.5.60.1952, 10.0.0.50.1004 and 11.0.0.1205
Product Impact: