CVE-2017-5697
MEDIUMIntel AMT Firmware < 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, 11.6.25.1129 - Clickjacking
Title source: llmDescription
Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129 potentially allowing a remote attacker to hijack users web clicks via attacker's crafted web page.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00081&languageid=en-fr
Scores
CVSS v3
6.5
EPSS
0.0021
EPSS Percentile
43.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
CWE
CWE-1021
Status
published
Products (2)
intel/active_management_technology_firmware
9.1 - 9.1.40.1000
Intel Corporation/Active Mangement Technology
before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129
Published
Jun 14, 2017
Tracked Since
Feb 18, 2026