This script is Copyright (C) 2017 Tenable Network Security, Inc.
The management engine on the remote host is affected by a clickjacking
The Intel Management Engine on the remote host has Active Management
Technology (AMT) enabled, and according to its self-reported version
in the banner, it is running Intel manageability firmware version
9.0.x or 9.1.x prior to 22.214.171.1240, 9.5.x prior to 126.96.36.1992,
10.0.x prior to 10.0.50.1004, 11.0.x prior to 188.8.131.525, or 11.6.x
prior to 184.108.40.2069. It is, therefore, affected by a clickjacking
weakness in the web user interface due to a failure to conceal
hyperlinks beneath legitimate, clickable content using opaque
overlays. An unauthenticated, remote attacker can exploit this, via a
specially crafted web page, to make users perform unintended actions
or to hijack users' web clicks.
See also :
Contact your system OEM for updated firmware per the vendor advisory.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true