CVE-2022-30601

CRITICAL

Intel Standard Manageability - Insufficiently Protected Credentials

Title source: rule

Description

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access.

References (2)

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20221014-0004/

[Mitigation, Vendor Advisory] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00709.html

Scores

CVSS v3 9.8

EPSS 0.0168

EPSS Percentile 81.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-522

Status published

Affected Products (2)

intel/standard_manageability

intel/active_management_technology_firmware

Timeline

Published Aug 18, 2022

Tracked Since Feb 18, 2026