mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
107 lines
4.5 KiB
JSON
107 lines
4.5 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secure@intel.com",
|
|
"ID": "CVE-2017-5689",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Manageability",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "fixed in versions 6.2.61.3535, 7.1.91.3272, 8.1.71.3608, 9.1.41.3024, 10.0.55.3000, 11.0.25.3001, and 11.6.27.3264 and later"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Intel Corporation"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT)."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Escalation of Privilege"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability",
|
|
"refsource": "MISC",
|
|
"url": "https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability"
|
|
},
|
|
{
|
|
"name": "https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf"
|
|
},
|
|
{
|
|
"name": "98269",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/98269"
|
|
},
|
|
{
|
|
"name": "1038385",
|
|
"refsource": "SECTRACK",
|
|
"url": "http://www.securitytracker.com/id/1038385"
|
|
},
|
|
{
|
|
"name": "https://security.netapp.com/advisory/ntap-20170509-0001/",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://security.netapp.com/advisory/ntap-20170509-0001/"
|
|
},
|
|
{
|
|
"name": "https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf",
|
|
"refsource": "MISC",
|
|
"url": "https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf"
|
|
},
|
|
{
|
|
"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr"
|
|
},
|
|
{
|
|
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03754en_us",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03754en_us"
|
|
},
|
|
{
|
|
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
|
|
},
|
|
{
|
|
"name": "https://www.embedi.com/news/mythbusters-cve-2017-5689",
|
|
"refsource": "MISC",
|
|
"url": "https://www.embedi.com/news/mythbusters-cve-2017-5689"
|
|
}
|
|
]
|
|
}
|
|
} |