Intel Active Management Technology (AMT) Web UI Clickjacking Weakness (INTEL-SA-00081) (remote check)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The management engine on the remote host is affected by a clickjacking
weakness.

Description :

The Intel Management Engine on the remote host has Active Management
Technology (AMT) enabled, and according to its self-reported version
in the banner, it is running Intel manageability firmware version
9.0.x or 9.1.x prior to 9.1.40.1000, 9.5.x prior to 9.5.60.1952,
10.0.x prior to 10.0.50.1004, 11.0.x prior to 11.0.0.1205, or 11.6.x
prior to 11.6.25.1129. It is, therefore, affected by a clickjacking
weakness in the web user interface due to a failure to conceal
hyperlinks beneath legitimate, clickable content using opaque
overlays. An unauthenticated, remote attacker can exploit this, via a
specially crafted web page, to make users perform unintended actions
or to hijack users' web clicks.
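The version logic described above, as an added example (not the plugin's own code): it takes a firmware version string that has already been read from the host and classifies it against the fixed builds listed in the description. The function names and the sample versions are constructed for illustration, and the banner format itself is not covered because the page does not give it.

```python
import re

# Fixed builds per firmware branch, taken from the description above.
# 9.0.x has no fixed build of its own; it is measured against 9.1.40.1000.
FIXED_BUILDS = {
    (9, 0): (9, 1, 40, 1000),
    (9, 1): (9, 1, 40, 1000),
    (9, 5): (9, 5, 60, 1952),
    (10, 0): (10, 0, 50, 1004),
    (11, 0): (11, 0, 0, 1205),
    (11, 6): (11, 6, 25, 1129),
}

_VERSION_RE = re.compile(r"[0-9]+(?:\.[0-9]+){3}")


def parse_version(text):
    """Turn '11.6.20.1221' into (11, 6, 20, 1221); reject anything else."""
    text = text.strip()
    if not _VERSION_RE.fullmatch(text):
        # A truncated or decorated string is refused rather than guessed at.
        raise ValueError(f"not a four-part firmware version: {text!r}")
    return tuple(int(part) for part in text.split("."))


def assess(version_text):
    """Return 'affected', 'fixed' or 'not-listed' for a reported version."""
    version = parse_version(version_text)
    fixed = FIXED_BUILDS.get(version[:2])
    if fixed is None:
        # Branch outside the ranges the description names: no verdict here.
        return "not-listed"
    # Tuple comparison is numeric per component, so 9.1.5.x < 9.1.40.x.
    return "affected" if version < fixed else "fixed"


if __name__ == "__main__":
    # Constructed sample versions, not taken from real hosts.
    samples = ("9.0.31.1487", "9.1.40.1000", "9.5.60.1951",
               "11.0.0.1204", "11.6.25.1129", "11.5.1.1006")
    for sample in samples:
        print(f"{sample:>14}  {assess(sample)}")
```

Because the input is self-reported, a "fixed" result is only as trustworthy as the version string the host returns.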

See also :

http://www.nessus.org/u?c588d910
https://support.lenovo.com/us/en/product_security/LEN-14005

Solution :

Contact your system OEM for updated firmware per the vendor advisory.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.6
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 101165

Bugtraq ID: 99064

CVE ID: CVE-2017-5697
