Web application abuses : Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00241)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.143286

Categoría: Web application abuses

Título: Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00241)

Resumen: Multiple potential security vulnerabilities in Intel Active Management; Technology (Intel AMT) may allow escalation of privilege, information disclosure, and/or denial of service.

Descripción: Summary:
Multiple potential security vulnerabilities in Intel Active Management
Technology (Intel AMT) may allow escalation of privilege, information disclosure, and/or denial of service.

Vulnerability Insight:
Intel Active Management Technology is prone to multiple vulnerabilities:

- Cross site scripting may allow a privileged user to potentially enable escalation of privilege via network
access (CVE-2019-11132)

- Insufficient input validation may allow an unauthenticated user to potentially enable escalation of privilege
via adjacent access (CVE-2019-11088)

- Logic issue may allow an unauthenticated user to potentially enable escalation of privilege via network access
(CVE-2019-11131)

- Insufficient input validation may allow an unauthenticated user to potentially enable denial of service or
information disclosure via adjacent access (CVE-2019-0131)

- Insufficient input validation may allow an unauthenticated user to potentially enable information disclosure
via network access (CVE-2019-0166)

- Insufficient input validation may allow an unauthenticated user to potentially enable information disclosure
via physical access (CVE-2019-11100)

Affected Software/OS:
Intel Active Management Technology 11.0 to 11.8.65, 11.10 to 11.11.65,
11.20 to 11.22.65 and 12.0 to 12.0.35.

Solution:
Upgrade to version 11.8.70, 11.11.70, 11.22.70, 12.0.45 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-0131
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-0166

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.143286
Categoría:	Web application abuses
Título:	Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00241)
Resumen:	Multiple potential security vulnerabilities in Intel Active Management; Technology (Intel AMT) may allow escalation of privilege, information disclosure, and/or denial of service.
Descripción:	Summary: Multiple potential security vulnerabilities in Intel Active Management Technology (Intel AMT) may allow escalation of privilege, information disclosure, and/or denial of service. Vulnerability Insight: Intel Active Management Technology is prone to multiple vulnerabilities: - Cross site scripting may allow a privileged user to potentially enable escalation of privilege via network access (CVE-2019-11132) - Insufficient input validation may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access (CVE-2019-11088) - Logic issue may allow an unauthenticated user to potentially enable escalation of privilege via network access (CVE-2019-11131) - Insufficient input validation may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access (CVE-2019-0131) - Insufficient input validation may allow an unauthenticated user to potentially enable information disclosure via network access (CVE-2019-0166) - Insufficient input validation may allow an unauthenticated user to potentially enable information disclosure via physical access (CVE-2019-11100) Affected Software/OS: Intel Active Management Technology 11.0 to 11.8.65, 11.10 to 11.11.65, 11.20 to 11.22.65 and 12.0 to 12.0.35. Solution: Upgrade to version 11.8.70, 11.11.70, 11.22.70, 12.0.45 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-0131 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html Common Vulnerability Exposure (CVE) ID: CVE-2019-0166
Copyright	Copyright (C) 2019 Greenbone Networks GmbH