CVE-2022-30601

Published: Aug 18, 2022Modified: May 5, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access.

Affected (2)

Products: Intel: Active Management Technology Firmware, Standard Manageability

Intel

2 products

Active Management Technology Firmware

Standard Manageability

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Intel Active Management Technology Firmware	All versions
Intel Standard Manageability	All versions

Related CWEs

CWE-522

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (4)

https://security.netapp.com/advisory/ntap-20221014-0004/

Source: secure@intel.com

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00709.html

Source: secure@intel.com

MitigationVendor Advisory

https://security.netapp.com/advisory/ntap-20221014-0004/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00709.html

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.