Insufficient Credential Protection in Intel AMT and Standard Manageability
CVE-2022-30601

9.8CRITICAL

Key Information:

Vendor: Intel
Status: Intel(r) Amt And Intel(r) Standard Manageability
Vendor: CVE Published:; 18 August 2022

What is CVE-2022-30601?

The vulnerability in Intel AMT and Intel Standard Manageability arises from insufficient protection of user credentials, granting unauthenticated users potential network access. This situation can lead to unauthorized information disclosure and privilege escalation, posing security risks for users. It is crucial for organizations using these products to assess their security measures and implement recommended patches.

Affected Version(s)

Intel(R) AMT and Intel(R) Standard Manageability See references

References

https://www.intel.com/content/www/us/en/security-center/a...

https://security.netapp.com/advisory/ntap-20221014-0004/

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 18, 2022
Vulnerability Reserved
Jun 9, 2022