How severe is CVE-2017-5698?

Medium severity. CVSS v3 base score is 4.4 out of 10.

Vulnerability in Intel Active_management_technology_firmware

CVE-2017-5698

Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to firmware version 11.6.x.1xxx which is vulnera…

EPSS: 0.003 (18.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.4 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N.

Affected products

Intel Active_management_technology_firmware — versions 11.0.25.3001, 11.0.26.3000
Intel Manageability_engine_firmware — versions 11.0.25.3001, 11.0.26.3000
Intel Small_business_technology_firmware — versions 11.0.25.3001, 11.0.26.3000
Intel Corporation Active Management Technology, Standard Manageability, And Small Business Technology — versions version 11.0.25.3001 and 11.0.26.3000

References

secure@intel.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-5698?: CVE-2017-5698 is a medium-severity vulnerability in Intel Active_management_technology_firmware. CVSS score: 4.4/10. Published 2017-09-05.
How severe is CVE-2017-5698?: Medium severity. CVSS v3 base score is 4.4 out of 10.