Intel Active Management Technology (AMT) Web UI Clickjacking Weakness (INTEL-SA-00081) (remote check)

medium Nessus Plugin ID 101165

Synopsis

The management engine on the remote host is affected by a clickjacking weakness.

Description

The Intel Management Engine on the remote host has Active Management Technology (AMT) enabled, and according to its self-reported version in the banner, it is running Intel manageability firmware version 9.0.x or 9.1.x prior to 9.1.40.1000, 9.5.x prior to 9.5.60.1952, 10.0.x prior to 10.0.50.1004, 11.0.x prior to 11.0.0.1205, or 11.6.x prior to 11.6.25.1129. It is, therefore, affected by a clickjacking weakness in the web user interface: the interface fails to prevent hyperlinks from being concealed beneath legitimate, clickable content using opaque overlays. An unauthenticated, remote attacker can exploit this, via a specially crafted web page, to make users perform unintended actions or to hijack users' web clicks.

Solution

Contact your system OEM for updated firmware per the vendor advisory.

See Also

http://www.nessus.org/u?c588d910

https://support.lenovo.com/us/en/product_security/LEN-14005

Plugin Details

Severity: Medium

ID: 101165

File Name: intel_sa_00081.nasl

Version: 1.4

Type: remote

Family: Web Servers

Published: 6/30/2017

Updated: 6/19/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/h:intel:active_management_technology, cpe:/o:intel:active_management_technology_firmware

Exploit Ease: No known exploits are available

Patch Publication Date: 6/13/2017

Vulnerability Publication Date: 6/13/2017

Reference Information

CVE: CVE-2017-5697

BID: 99064

IAVA: 2017-A-0186-S