Description
Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
Present
Privileges Required
None
User Interaction
None
Confidentiality (Vulnerable System)
Low
Integrity (Vulnerable System)
None
Availability (Vulnerable System)
None
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
Affected products
- AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Device Management Portal (ADMP)3.0.0.895 – 3.0.0.895
- AMD / AMD Ryzen™ 3000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 4000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 5000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 7035 Series Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 9000HX Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ 9000 Series Desktop ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ AI 300 Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ AI Max 300 Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ Threadripper™ 3000 ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / AMD Ryzen™ Threadripper™ PRO 9000 WX-Series ProcessorsAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895
- AMD / Not publicAMD Device Management Portal 3.0.0.895 – AMD Device Management Portal 3.0.0.895