Insufficiently Protected Credentials in Intel Management Products
CVE-2022-30944

5.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Amt And Intel(r) Standard Manageability
Vendor: CVE Published:; 18 August 2022

What is CVE-2022-30944?

The vulnerability in Intel's Active Management Technology (AMT) and Standard Manageability arises from inadequate protection of user credentials. This shortcoming could allow a privileged user to access sensitive information locally. Users working with affected versions must take immediate action to assess their security configurations and apply necessary patches to mitigate this risk. Regular audits and adherence to security best practices can help safeguard against potential exploits stemming from this vulnerability.

Affected Version(s)

Intel(R) AMT and Intel(R) Standard Manageability See references

References

https://www.intel.com/content/www/us/en/security-center/a...

https://security.netapp.com/advisory/ntap-20221014-0004/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 18, 2022
Vulnerability Reserved
Jun 9, 2022