Web application abuses : Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00213)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.142466

Categoría: Web application abuses

Título: Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00213)

Resumen: Multiple potential security vulnerabilities in Intel Active Management; Technology (Intel AMT) may allow escalation of privilege, information disclosure, and/or denial of service.

Descripción: Summary:
Multiple potential security vulnerabilities in Intel Active Management
Technology (Intel AMT) may allow escalation of privilege, information disclosure, and/or denial of service.

Vulnerability Insight:
Intel Active Management Technology is prone to multiple vulnerabilities:

- Insufficient input validation vulnerability in subsystem may allow an unauthenticated user to potentially
enable escalation of privilege via physical access. (CVE-2019-0092)

- Insufficient input validation vulnerability in subsystem may allow an unauthenticated user to potentially
enable denial of service via adjacent network access. (CVE-2019-0094)

- Out of bound write vulnerability in subsystem may allow an authenticated user to potentially enable escalation
of privilege via adjacent network access. (CVE-2019-0096)

- Insufficient input validation vulnerability in subsystem may allow a privileged user to potentially enable
denial of service via network access. (CVE-2019-0097)

Affected Software/OS:
Intel Active Management Technology 11.0 to 11.8.60, 11.10 to 11.11.60,
11.20 to 11.22.60 and 12.0 to 12.0.20.

Solution:
Upgrade to version 11.8.65, 11.11.65, 11.22.65, 12.0.35 or later.

CVSS Score:
5.2

CVSS Vector:
AV:A/AC:L/Au:S/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-0092
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-0094
Common Vulnerability Exposure (CVE) ID: CVE-2019-0096
Common Vulnerability Exposure (CVE) ID: CVE-2019-0097

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.142466
Categoría:	Web application abuses
Título:	Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00213)
Resumen:	Multiple potential security vulnerabilities in Intel Active Management; Technology (Intel AMT) may allow escalation of privilege, information disclosure, and/or denial of service.
Descripción:	Summary: Multiple potential security vulnerabilities in Intel Active Management Technology (Intel AMT) may allow escalation of privilege, information disclosure, and/or denial of service. Vulnerability Insight: Intel Active Management Technology is prone to multiple vulnerabilities: - Insufficient input validation vulnerability in subsystem may allow an unauthenticated user to potentially enable escalation of privilege via physical access. (CVE-2019-0092) - Insufficient input validation vulnerability in subsystem may allow an unauthenticated user to potentially enable denial of service via adjacent network access. (CVE-2019-0094) - Out of bound write vulnerability in subsystem may allow an authenticated user to potentially enable escalation of privilege via adjacent network access. (CVE-2019-0096) - Insufficient input validation vulnerability in subsystem may allow a privileged user to potentially enable denial of service via network access. (CVE-2019-0097) Affected Software/OS: Intel Active Management Technology 11.0 to 11.8.60, 11.10 to 11.11.60, 11.20 to 11.22.60 and 12.0 to 12.0.20. Solution: Upgrade to version 11.8.65, 11.11.65, 11.22.65, 12.0.35 or later. CVSS Score: 5.2 CVSS Vector: AV:A/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-0092 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html Common Vulnerability Exposure (CVE) ID: CVE-2019-0094 Common Vulnerability Exposure (CVE) ID: CVE-2019-0096 Common Vulnerability Exposure (CVE) ID: CVE-2019-0097
Copyright	Copyright (C) 2019 Greenbone Networks GmbH