CVE-2017-5697

CVE Database · CVE-2017-5697

CVE-2017-5697

· MEDIUMModified

CVSS v3.1

6.5

EPSS

0.88%

Published

Jun 14, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129 potentially allowing a remote attacker to hijack users web clicks via attacker's crafted web page.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Weaknesses (CWE)

CWE-1021

Affected Products (5)

intel · active_management_technology_firmware (up to 9.1.40.1000)vulnerable

intel · active_management_technology_firmware (up to 9.5.60.1952)vulnerable

intel · active_management_technology_firmware (up to 10.0.50.1004)vulnerable

intel · active_management_technology_firmware (up to 11.0.0.1205)vulnerable

intel · active_management_technology_firmware (up to 11.6.25.1129)vulnerable

References (2)

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00081&languageid=en-fr

Vendor Advisory

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00081&languageid=en-fr

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs