Vulnerabilites related to Lenovo - ThinkSystem SR670 V2
var-202301-2263
Vulnerability from variot

An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202301-2263",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinkpad s3 2nd gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r16et33w"
      },
      {
        "model": "thinkcentre m710s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1akt56a"
      },
      {
        "model": "ideacentre a340-22igm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o51kt12a"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkcentre m70s gen 3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2tkt50a"
      },
      {
        "model": "thinkserver sd350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.05.0"
      },
      {
        "model": "thinksystem sr630",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkagile mx3531 h",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "ideacentre gaming 5 17acn7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o5ekt21a"
      },
      {
        "model": "thinksystem dx1100u",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkagile hx5521-c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad x1 carbon 7th gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2qet44w"
      },
      {
        "model": "thinkagile hx5530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkagile hx5520",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad p14s gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n34et46w"
      },
      {
        "model": "thinksystem st250 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tqe104j"
      },
      {
        "model": "thinksystem dn8836",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "l0.40"
      },
      {
        "model": "yta8900f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "fwktbaa"
      },
      {
        "model": "v530-15arr",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "not_affected"
      },
      {
        "model": "thinkagile vx 2u4n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "thinkagile vx2330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkagile vx7330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkagile hx7821",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "pse144n"
      },
      {
        "model": "thinkagile hx3320",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad e15 gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r1eet45w"
      },
      {
        "model": "thinksystem st258",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ise130e"
      },
      {
        "model": "thinkpad x1 yoga 4th gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2het66w"
      },
      {
        "model": "thinkstation p620",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "s07kt25a"
      },
      {
        "model": "thinkagile hx3520-g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkstation p340",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "s08kt50a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "yangtian afq150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "fwktbaa"
      },
      {
        "model": "thinkpad p73",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2net49w"
      },
      {
        "model": "thinkstation p520",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "s03kt55a"
      },
      {
        "model": "thinksystem dx8200d",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkagile hx5521",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad t15p gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n30et43w"
      },
      {
        "model": "thinkagile mx1021",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "hye122f"
      },
      {
        "model": "ideacentre 5-14imb05",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4hkt38a"
      },
      {
        "model": "thinkagile mx3520 f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkstation p310",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "fwktbaa"
      },
      {
        "model": "v530s-07icr",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m30kt26a"
      },
      {
        "model": "ideacentre 5-14iob6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3gkt33a"
      },
      {
        "model": "thinkserver td350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.04.0"
      },
      {
        "model": "thinksystem se350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "hye122f"
      },
      {
        "model": "v530-24icb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m20kt52a"
      },
      {
        "model": "thinkagile mx3331-f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkcentre m80q",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m46kt2da"
      },
      {
        "model": "thinkpad l390",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r10et51w"
      },
      {
        "model": "thinkserver ts150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "81i\\/b7s"
      },
      {
        "model": "thinkpad t490s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2jet97w"
      },
      {
        "model": "thinkserver rd450",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.05.0"
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "thinkpad l15 gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r1jet53w"
      },
      {
        "model": "thinksystem sr670 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "u8e118m"
      },
      {
        "model": "thinkagile hx1021",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "hye122f"
      },
      {
        "model": "v30a-22iml",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m37kt28a"
      },
      {
        "model": "v50a-24imb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m36kt28a"
      },
      {
        "model": "thinkagile hx3721",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "thinkagile hx3375",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "d8e128f"
      },
      {
        "model": "thinkpad x13 yoga gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2uet58w"
      },
      {
        "model": "thinkagile hx3376",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "d8e128f"
      },
      {
        "model": "thinkagile hx2321",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad x1 carbon 7th gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2het66w"
      },
      {
        "model": "thinkagile hx7530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkpad x1 extreme 3rd gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2vet34w"
      },
      {
        "model": "thinksystem sr250",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ise130e"
      },
      {
        "model": "thinkcentre m70s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m43kt16a"
      },
      {
        "model": "thinkpad p15v gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n30et43w"
      },
      {
        "model": "thinkagile hx3321",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkagile vx5530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkagile vx3331",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkagile vx7531",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkpad e15",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r16et33w"
      },
      {
        "model": "v30a-24iml",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m37kt28a"
      },
      {
        "model": "ideacentre g5-14imb05",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4hkt38a"
      },
      {
        "model": "thinkcentre m90t",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1akt56a"
      },
      {
        "model": "thinkcentre m75t gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3bkt29a"
      },
      {
        "model": "ideacentre a340-24igm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o51kt12a"
      },
      {
        "model": "thinkpad p1 gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2eet56w"
      },
      {
        "model": "thinkcentre m625q",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3skt21a"
      },
      {
        "model": "thinksystem sn550",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "v530s-07icb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "not_affected"
      },
      {
        "model": "thinkcentre m818z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1nkt58a"
      },
      {
        "model": "thinkpad p52",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2cet61w"
      },
      {
        "model": "v520",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m16kt68a"
      },
      {
        "model": "v35s-07ada",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4fkt29a"
      },
      {
        "model": "thinkserver sr860p",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee176k"
      },
      {
        "model": "thinkcentre m70c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3nkt20a"
      },
      {
        "model": "legion t530-28apr",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4gkt16a"
      },
      {
        "model": "thinkcentre m90a",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3lkt26a"
      },
      {
        "model": "thinkpad l15",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r17et33w"
      },
      {
        "model": "thinkcentre m910s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1akt56a"
      },
      {
        "model": "thinkagile hx3521-g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad t490",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2iet98w"
      },
      {
        "model": "thinksystem hr630x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "hr6n0661"
      },
      {
        "model": "thinkcentre m80t",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1ckt49a"
      },
      {
        "model": "thinkcentre m90q gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2wkt57a"
      },
      {
        "model": "thinkpad t15 gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n34et46w"
      },
      {
        "model": "ideacentre 3-07ada05",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4fkt29a"
      },
      {
        "model": "thinkcentre m90q tiny",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2tkt50a"
      },
      {
        "model": "thinkserver ts550",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "fwktb7s"
      },
      {
        "model": "legion t5-26iob6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o54kt1da"
      },
      {
        "model": "thinkcentre m75s gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3bkt29a"
      },
      {
        "model": "thinkcentre e96z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m26kt22a"
      },
      {
        "model": "thinkcentre m6600t",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "fwktbaa"
      },
      {
        "model": "thinksystem sr158",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ise130e"
      },
      {
        "model": "thinksystem sr850",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "thinksystem sr860",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "thinkcentre m60e tiny",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o5fkt14a"
      },
      {
        "model": "n3310 storage",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.05.0"
      },
      {
        "model": "thinkpad p53",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2net49w"
      },
      {
        "model": "thinkcentre m70q",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2vkt1da"
      },
      {
        "model": "yoga a940-27icb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o43kt43a"
      },
      {
        "model": "thinkpad p14s gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2xet33w"
      },
      {
        "model": "legion t530-28icb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4bkt20a"
      },
      {
        "model": "thinkpad p15s gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2xet33w"
      },
      {
        "model": "thinkagile hx7521",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkagile mx3321 h",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkstation p318",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1akt56a"
      },
      {
        "model": "thinkpad x1 extreme 1st gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2eet56w"
      },
      {
        "model": "thinkagile vx3520-g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkcentre m6600s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "fwktbaa"
      },
      {
        "model": "thinkcentre m70q gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2wkt57a"
      },
      {
        "model": "thinkserver ts560",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tb1ts307"
      },
      {
        "model": "v530s-07icb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m22kt48a"
      },
      {
        "model": "thinkagile vx3330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinksystem hr650x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "hr6n0661"
      },
      {
        "model": "thinkserver rd350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.05.0"
      },
      {
        "model": "thinkstation p350 tiny",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3jkt34a"
      },
      {
        "model": "thinkpad x1 extreme 2nd gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2oet54w"
      },
      {
        "model": "n4610 storage",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.05.0"
      },
      {
        "model": "thinkpad x1 yoga 6th gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2tet72w"
      },
      {
        "model": "ideacentre g5-14amr05",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4zkt29a"
      },
      {
        "model": "v530-15icr",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2ykt31a"
      },
      {
        "model": "stadia ggp-120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "s03kt55a"
      },
      {
        "model": "thinkcentre m90a gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3jkt34a"
      },
      {
        "model": "thinkcentre m75t gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3akt44a"
      },
      {
        "model": "thinkpad p1 gen 3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2vet34w"
      },
      {
        "model": "thinksystem sr670",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "g1e130i"
      },
      {
        "model": "thinkagile mx3321 f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad e14 gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r1eet45w"
      },
      {
        "model": "thinkpad p15 gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n30et43w"
      },
      {
        "model": "thinkpad x1 carbon 8th gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2wet32w"
      },
      {
        "model": "thinkcentre m715q",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m16kt68a"
      },
      {
        "model": "thinkstation p348",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3kkt34a"
      },
      {
        "model": "ideacentre 3 07iab7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m49kt1da"
      },
      {
        "model": "thinkpad l590",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r0zet50w"
      },
      {
        "model": "thinksystem sd530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "thinkcentre m8600t",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "fwktbaa"
      },
      {
        "model": "thinkagile hx7520",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad p53s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2iet98w"
      },
      {
        "model": "thinkagile vx3530-g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkagile vx3720",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "thinkcentre e75s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m16kt68a"
      },
      {
        "model": "thinkcentre m80s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2wkt57a"
      },
      {
        "model": "thinkagile mx3530 f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "v50a-22imb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m36kt28a"
      },
      {
        "model": "thinksystem sr850p",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee176k"
      },
      {
        "model": "thinkcentre m75s gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3akt44a"
      },
      {
        "model": "thinkpad l13 yoga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r15et51w"
      },
      {
        "model": "thinkagile vx7320 n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad t14 gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n34et46w"
      },
      {
        "model": "thinkcentre m75t gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkedge se30",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3fkt29a"
      },
      {
        "model": "thinkcentre m6600q",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "fwktbaa"
      },
      {
        "model": "thinkagile mx3330-f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinksystem sr650",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "v530-22icb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m20kt52a"
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkagile vx7520 n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad x12 detachable gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r1get43w"
      },
      {
        "model": "thinkserver ts450",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "fwktb7s"
      },
      {
        "model": "thinkagile hx3330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinksystem st258 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tqe104j"
      },
      {
        "model": "thinkcentre m820z all-in-one",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2rkt52a"
      },
      {
        "model": "qt m415",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m16kt68a"
      },
      {
        "model": "thinksystem sr665",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "d8e128f"
      },
      {
        "model": "thinkcentre m610",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1akt56a"
      },
      {
        "model": "thinkcentre m710e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m41kt2da"
      },
      {
        "model": "v50t-13imb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4hkt38a"
      },
      {
        "model": "thinksystem sr860 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m5e118i"
      },
      {
        "model": "thinksystem st58",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ite125a"
      },
      {
        "model": "thinkcentre m710t",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m16kt68a"
      },
      {
        "model": "thinkcentre m75t gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m47kt24a"
      },
      {
        "model": "thinkpad l490",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r0zet50w"
      },
      {
        "model": "thinkagile hx5531",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkagile vx1320",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ise130e"
      },
      {
        "model": "thinksmart hub teams",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2xkt20a"
      },
      {
        "model": "thinksystem sn550 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "u8e118m"
      },
      {
        "model": "thinksystem sr630 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkserver rs260",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "vb1ts307"
      },
      {
        "model": "thinksystem sr645",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "d8e128f"
      },
      {
        "model": "thinksystem hr610x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "hr6n0661"
      },
      {
        "model": "thinkcentre m700q",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "fwktbaa"
      },
      {
        "model": "ideacentre 510s-07icb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m22kt47a"
      },
      {
        "model": "thinkpad e590",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r0yet48w"
      },
      {
        "model": "thinkagile mx3330-h",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkpad t14s gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n35et43w"
      },
      {
        "model": "thinksystem sr590",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "thinkagile hx2331",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkcentre m75q gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m33kt25a"
      },
      {
        "model": "thinkpad t14 gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2xet33w"
      },
      {
        "model": "v330-20icb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1qkt47a"
      },
      {
        "model": "legion c530-19icb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4bkt20a"
      },
      {
        "model": "ideacentre 510s-07icb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m22kt48a"
      },
      {
        "model": "thinkpad p1 gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2oet54w"
      },
      {
        "model": "ideacentre 510s-07ick",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m30kt26a"
      },
      {
        "model": "v530-15icb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1ykt70a"
      },
      {
        "model": "thinkcentre m70a",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m28kt37a"
      },
      {
        "model": "v540-24iwl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m29kt39a"
      },
      {
        "model": "thinkserver rd550",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.03.0"
      },
      {
        "model": "thinkstation p320 tiny",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1akt56a"
      },
      {
        "model": "thinkpad l14",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r17et33w"
      },
      {
        "model": "thinkpad r14 gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r1eet45w"
      },
      {
        "model": "thinkserver sr590",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee176k"
      },
      {
        "model": "thinkpad l390 yoga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r10et51w"
      },
      {
        "model": "thinkcentre m80t",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2tkt50a"
      },
      {
        "model": "thinksmart hub zoom",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2xkt20a"
      },
      {
        "model": "thinkserver rs160",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "vb1ts307"
      },
      {
        "model": "thinksystem st550",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o0e178i"
      },
      {
        "model": "thinksystem sr550",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "thinkcentre m70q gen 3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3jkt34a"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkpad x13",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2yet34w"
      },
      {
        "model": "v520s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m16kt68a"
      },
      {
        "model": "thinkcentre m70t",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m41kt2da"
      },
      {
        "model": "thinksmart hub 500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m23kt29a"
      },
      {
        "model": "thinkagile vx7520",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkcentre m70t gen 3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2tkt50a"
      },
      {
        "model": "thinksystem sr950",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "pse144n"
      },
      {
        "model": "thinkstation p340 tiny",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2wkt57a"
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkagile vx 1se",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ise130e"
      },
      {
        "model": "thinksystem sn850",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad x390",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2jet97w"
      },
      {
        "model": "thinksystem sd650 dwc dual node tray",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ote178g"
      },
      {
        "model": "thinkserver sr588",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee176k"
      },
      {
        "model": "thinkpad x1 carbon 9th gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2tet72w"
      },
      {
        "model": "thinkserver ts250",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "81i\\/b7s"
      },
      {
        "model": "thinkcentre m75n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m30kt26a"
      },
      {
        "model": "v50t-13iob g2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3gkt33a"
      },
      {
        "model": "legion t7-34imz5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4lkt1ea"
      },
      {
        "model": "thinkcentre m80s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2tkt50a"
      },
      {
        "model": "thinkcentre m8600s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "fwktbaa"
      },
      {
        "model": "ideacentre creator 5-14iob6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3gkt33a"
      },
      {
        "model": "thinkagile vx 4u",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "pse144n"
      },
      {
        "model": "thinkagile mx3530-h",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkserver ts460",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tb1ts307"
      },
      {
        "model": "thinkpad x390 yoga",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2let88w"
      },
      {
        "model": "thinkserver rd350g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "vb3ts891"
      },
      {
        "model": "thinkagile vx3320",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinksystem sr850p",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "thinkcentre m70a gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2skt25a"
      },
      {
        "model": "thinksystem sr650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "ideacentre gaming 5-14acn6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o5ekt21a"
      },
      {
        "model": "legion t5-28icb05",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4bkt20a"
      },
      {
        "model": "thinksystem sr250 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tqe104j"
      },
      {
        "model": "thinkcentre m910q",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1akt56a"
      },
      {
        "model": "ideacentre 5-14are05",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4zkt29a"
      },
      {
        "model": "thinkpad x13 gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n35et43w"
      },
      {
        "model": "thinksystem sd630 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "u8e118m"
      },
      {
        "model": "thinkagile mx certified node - all flash",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinksystem st650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "u8e118m"
      },
      {
        "model": "thinkagile mx1020",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "hye122f"
      },
      {
        "model": "thinkagile hx7820",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "pse144n"
      },
      {
        "model": "thinkagile mx3331-h",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinksystem st250",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ise130e"
      },
      {
        "model": "thinksystem sr530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "thinkcentre m710q",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1zkt38a"
      },
      {
        "model": "ideacentre c5-14imb05",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o4hkt38a"
      },
      {
        "model": "thinkstation p520c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "s03kt55a"
      },
      {
        "model": "ideacentre 5-14acn6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o5ekt21a"
      },
      {
        "model": "thinkagile vx2320",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "qt m410",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m16kt68a"
      },
      {
        "model": "thinkagile vx5520",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkcentre m910x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m49kt1da"
      },
      {
        "model": "thinkpad p43s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2iet98w"
      },
      {
        "model": "ideacentre gaming 5 17iab7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m42kt40a"
      },
      {
        "model": "thinkagile vx7530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkcentre m75t gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m46kt2da"
      },
      {
        "model": "thinkpad p15s gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n34et46w"
      },
      {
        "model": "thinksystem st50",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ite125a"
      },
      {
        "model": "ideacentre 3-07imb05",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2vkt1da"
      },
      {
        "model": "thinkpad x1 nano gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2tet71w"
      },
      {
        "model": "thinkagile hx1320",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkcentre m720e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m11kt54a"
      },
      {
        "model": "thinkagile hx1321",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkcentre e75t",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m16kt68a"
      },
      {
        "model": "thinkcentre m910t",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1akt56a"
      },
      {
        "model": "qt b415",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m16kt68a"
      },
      {
        "model": "thinkpad t15g gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n30et43w"
      },
      {
        "model": "thinkagile vx 1u",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkagile hx5520-c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkagile vx 2u",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinksystem sr258",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ise130e"
      },
      {
        "model": "thinkserver rd650",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.05.0"
      },
      {
        "model": "thinksystem sr850 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m5e118i"
      },
      {
        "model": "thinkagile mx3531-f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkpad p72",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2cet61w"
      },
      {
        "model": "ideacentre 5 14iab7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m42kt40a"
      },
      {
        "model": "thinkpad t14s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2yet34w"
      },
      {
        "model": "thinksystem sr258 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tqe104j"
      },
      {
        "model": "thinksystem st558",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o0e178i"
      },
      {
        "model": "thinkcentre neo 50s gen 3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m42kt40a"
      },
      {
        "model": "thinksystem sr150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ise130e"
      },
      {
        "model": "thinkagile vx7820",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "pse144n"
      },
      {
        "model": "thinkpad x13 yoga gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n39et50w"
      },
      {
        "model": "thinkagile mx certified node - hybrid",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkcentre m810z all-in-one",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1ekt25a"
      },
      {
        "model": "thinkpad x1 yoga 4th gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2qet44w"
      },
      {
        "model": "thinkcentre m90s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2tkt50a"
      },
      {
        "model": "thinkagile mx3520 h",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkpad e490",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r0yet48w"
      },
      {
        "model": "thinkpad p17 gen 1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n30et43w"
      },
      {
        "model": "thinkagile hx2320",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "ive178i"
      },
      {
        "model": "thinkagile hx3720",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "qitian a815",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1rkt38a"
      },
      {
        "model": "thinkpad x1 titanium",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2met54w"
      },
      {
        "model": "v50s-07imb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m2vkt1da"
      },
      {
        "model": "ideacentre gaming 5-14iob6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m3gkt33a"
      },
      {
        "model": "thinkpad l13",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r15et51w"
      },
      {
        "model": "thinkpad e14",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r16et33w"
      },
      {
        "model": "thinkpad l14 gen 2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r1jet53w"
      },
      {
        "model": "v55t gen 2 13acn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "o5jkt20a"
      },
      {
        "model": "thinksystem sd650-n v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "u8e118m"
      },
      {
        "model": "thinkpad e490s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "r0yet48w"
      },
      {
        "model": "thinkcentre m630e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "m1wkt45a"
      },
      {
        "model": "thinkagile hx1331",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "afe118m"
      },
      {
        "model": "thinkpad x1 yoga 5th gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2wet32w"
      },
      {
        "model": "thinksystem sd650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "u8e118m"
      },
      {
        "model": "thinkpad t15",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2xet33w"
      },
      {
        "model": "thinksystem st658 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "u8e118m"
      },
      {
        "model": "thinkpad t590",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "n2iet98w"
      },
      {
        "model": "thinkstation p350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "s0akt34a"
      },
      {
        "model": "thinksystem sr570",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "tee178i"
      },
      {
        "model": "ideacentre creator 5-14iob6",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "ideacentre g5-14imb05",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "ideacentre 3-07imb05",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "ideacentre 5-14imb05",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "ideacentre 5 14iab7",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "ideacentre c5-14imb05",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "ideacentre e96z",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "ideacentre 3 07iab7",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "ideacentre 5-14acn6",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "ideacentre 5-14iob6",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012567"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-40134"
      }
    ]
  },
  "cve": "CVE-2022-40134",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.8,
            "id": "CVE-2022-40134",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "OTHER",
            "availabilityImpact": "None",
            "baseScore": 4.4,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2022-012567",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-40134",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "psirt@lenovo.com",
            "id": "CVE-2022-40134",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2022-012567",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202301-2381",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2381"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-40134"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-40134"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-40134"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012567"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-40134"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-40134",
        "trust": 3.3
      },
      {
        "db": "LENOVO",
        "id": "LEN-94953",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012567",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2381",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-40134",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-40134"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2381"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-40134"
      }
    ]
  },
  "id": "VAR-202301-2263",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.5089285666666666
  },
  "last_update_date": "2024-08-14T13:52:48.472000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "LEN-94953",
        "trust": 0.8,
        "url": "https://support.lenovo.com/us/en/product_security/LEN-94953"
      },
      {
        "title": "Lenovo Desktops Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=223211"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Live-Hack-CVE/CVE-2022-40134 "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-40134"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2381"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-125",
        "trust": 1.0
      },
      {
        "problemtype": "Out-of-bounds read (CWE-125) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012567"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-40134"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://support.lenovo.com/us/en/product_security/len-94953"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40134"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-40134/"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2022-40134"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-40134"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2381"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-40134"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2022-40134"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2381"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-40134"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-40134"
      },
      {
        "date": "2023-08-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-012567"
      },
      {
        "date": "2023-01-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-2381"
      },
      {
        "date": "2023-01-30T22:15:12.180000",
        "db": "NVD",
        "id": "CVE-2022-40134"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-31T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-40134"
      },
      {
        "date": "2023-08-31T02:59:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-012567"
      },
      {
        "date": "2023-02-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-2381"
      },
      {
        "date": "2023-02-08T22:19:11.150000",
        "db": "NVD",
        "id": "CVE-2022-40134"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2381"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Lenovo\u00a0 model\u0027s \u00a0SMI\u00a0Set\u00a0BIOS\u00a0Password\u00a0WMI\u00a0SMI\u00a0Handler\u00a0 Out-of-bounds read vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012567"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2381"
      }
    ],
    "trust": 0.6
  }
}

var-202305-0001
Vulnerability from variot

A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo The product contains a vulnerability in format strings.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202305-0001",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinksystem sr650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx2320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr158",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx 1se",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530 f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531 h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr950",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx1321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3375",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinksystem sr670",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem st250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkstation p920",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx5531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx2321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile mx1020",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr850p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7320 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3521-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinksystem sr850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1021",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr570",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sn550 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3530-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr860",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr670 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx7520 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx7821",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx 2u4n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr665",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3721",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx 4u",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile mx3330-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3376",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3330-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr590",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650-n v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem st658 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr860 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkedge se450",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.60_usx324o"
      },
      {
        "model": "thinkagile hx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx1021 on se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr850 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr665 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx2331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx7530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1021",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009903"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25492"
      }
    ]
  },
  "cve": "CVE-2023-25492",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2023-25492",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "psirt@lenovo.com",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.8,
            "id": "CVE-2023-25492",
            "impactScore": 3.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2023-25492",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2023-25492",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "psirt@lenovo.com",
            "id": "CVE-2023-25492",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2023-25492",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202305-037",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-037"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25492"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25492"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo The product contains a vulnerability in format strings.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-25492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009903"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-25492"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-25492",
        "trust": 3.3
      },
      {
        "db": "LENOVO",
        "id": "LEN-99936",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009903",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-037",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-25492",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-25492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-037"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25492"
      }
    ]
  },
  "id": "VAR-202305-0001",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.625
  },
  "last_update_date": "2024-08-14T13:20:47.027000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Lenovo XClarity Controller Fixes for formatting string error vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=236960"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-037"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-134",
        "trust": 1.0
      },
      {
        "problemtype": "Format string problem (CWE-134) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009903"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25492"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://support.lenovo.com/us/en/product_security/len-99936"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-25492"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2023-25492/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-25492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-037"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25492"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2023-25492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-037"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25492"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-01T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-25492"
      },
      {
        "date": "2023-12-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009903"
      },
      {
        "date": "2023-05-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202305-037"
      },
      {
        "date": "2023-05-01T15:15:09.290000",
        "db": "NVD",
        "id": "CVE-2023-25492"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-01T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-25492"
      },
      {
        "date": "2023-12-07T02:24:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009903"
      },
      {
        "date": "2023-05-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202305-037"
      },
      {
        "date": "2023-05-10T13:37:50.410000",
        "db": "NVD",
        "id": "CVE-2023-25492"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-037"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Lenovo\u00a0 Product Format String Vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009903"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "format string error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-037"
      }
    ],
    "trust": 0.6
  }
}

var-202304-2261
Vulnerability from variot

A valid LDAP user, under specific conditions, will default to read-only permissions when authenticating into XCC. To be vulnerable, XCC must be configured to use an LDAP server for Authentication/Authorization and have the login permission attribute not defined. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information may be obtained

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202304-2261",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinksystem sr650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx2320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr158",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx 1se",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530 f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531 h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr950",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx1321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3375",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinksystem sr670",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem st250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkstation p920",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx5531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx2321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile mx1020",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr850p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7320 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3521-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinksystem sr850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1021",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr570",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sn550 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3530-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr860",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr670 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx7520 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx7821",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx 2u4n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr665",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3721",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx 4u",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile mx3330-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3376",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3330-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr590",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650-n v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem st658 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr860 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkedge se450",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.60_usx324o"
      },
      {
        "model": "thinkagile hx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx1021 on se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr850 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr665 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx7530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1021",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009586"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29056"
      }
    ]
  },
  "cve": "CVE-2023-29056",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.2,
            "id": "CVE-2023-29056",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "psirt@lenovo.com",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 3.9,
            "id": "CVE-2023-29056",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.9,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2023-29056",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2023-29056",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "psirt@lenovo.com",
            "id": "CVE-2023-29056",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2023-29056",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202304-2294",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009586"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2294"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29056"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29056"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A valid LDAP user, under specific conditions, will default to read-only permissions when authenticating into XCC. To be vulnerable, XCC must be configured to use an LDAP server for Authentication/Authorization and have the login permission attribute not defined. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information may be obtained",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-29056"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009586"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-29056"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-29056",
        "trust": 3.3
      },
      {
        "db": "LENOVO",
        "id": "LEN-118321",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009586",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2294",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-29056",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-29056"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009586"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2294"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29056"
      }
    ]
  },
  "id": "VAR-202304-2261",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.625
  },
  "last_update_date": "2024-08-14T13:52:32.678000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Lenovo XClarity Controller Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=235821"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2294"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-269",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009586"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29056"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://support.lenovo.com/us/en/product_security/len-118321"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-29056"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2023-29056/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-29056"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009586"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2294"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29056"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2023-29056"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009586"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2294"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29056"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-04-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-29056"
      },
      {
        "date": "2023-12-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009586"
      },
      {
        "date": "2023-04-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-2294"
      },
      {
        "date": "2023-04-28T22:15:09.073000",
        "db": "NVD",
        "id": "CVE-2023-29056"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-04-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-29056"
      },
      {
        "date": "2023-12-06T02:39:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009586"
      },
      {
        "date": "2023-05-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-2294"
      },
      {
        "date": "2023-05-08T18:02:21.357000",
        "db": "NVD",
        "id": "CVE-2023-29056"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2294"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Lenovo\u00a0 Product vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009586"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2294"
      }
    ],
    "trust": 0.6
  }
}

var-202305-0002
Vulnerability from variot

A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202305-0002",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinksystem sr650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx2320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr158",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx 1se",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530 f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531 h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr950",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx1321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3375",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinksystem sr670",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem st250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkstation p920",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx5531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx2321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile mx1020",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr850p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7320 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3521-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinksystem sr850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1021",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr570",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sn550 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3530-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr860",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr670 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx7520 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx7821",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx 2u4n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr665",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3721",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx 4u",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile mx3330-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3376",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3330-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr590",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650-n v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem st658 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr860 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkedge se450",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.60_usx324o"
      },
      {
        "model": "thinkagile hx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx1021 on se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr850 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr665 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx2331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx7530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1021",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009904"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-0683"
      }
    ]
  },
  "cve": "CVE-2023-0683",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2023-0683",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "psirt@lenovo.com",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2023-0683",
            "impactScore": 5.5,
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2023-0683",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2023-0683",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "psirt@lenovo.com",
            "id": "CVE-2023-0683",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2023-0683",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202305-007",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009904"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-007"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-0683"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-0683"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-0683"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009904"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-0683"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-0683",
        "trust": 3.3
      },
      {
        "db": "LENOVO",
        "id": "LEN-99936",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009904",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-007",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-0683",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-0683"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009904"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-007"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-0683"
      }
    ]
  },
  "id": "VAR-202305-0002",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.625
  },
  "last_update_date": "2024-08-14T13:20:47.056000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Lenovo XClarity Controller Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=235607"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-007"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009904"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-0683"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://support.lenovo.com/us/en/product_security/len-99936"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0683"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2023-0683/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-0683"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009904"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-007"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-0683"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2023-0683"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009904"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-007"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-0683"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-01T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-0683"
      },
      {
        "date": "2023-12-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009904"
      },
      {
        "date": "2023-05-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202305-007"
      },
      {
        "date": "2023-05-01T15:15:09.223000",
        "db": "NVD",
        "id": "CVE-2023-0683"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-01T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-0683"
      },
      {
        "date": "2023-12-07T02:26:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009904"
      },
      {
        "date": "2023-05-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202305-007"
      },
      {
        "date": "2023-05-10T13:24:14.720000",
        "db": "NVD",
        "id": "CVE-2023-0683"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-007"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Lenovo\u00a0 Product vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009904"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202305-007"
      }
    ],
    "trust": 0.6
  }
}

var-202310-1031
Vulnerability from variot

An authenticated XCC user can change permissions for any user through a crafted API command

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202310-1031",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinksystem sr860 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr590",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2321",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr630 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr630 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr670 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr675 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr635 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx edge- mx1020",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sn850",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx5530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx7330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr850p",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx7530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3321",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx5520",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx3530-h hybrid",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx3330-h hybrid",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx3531 h hybrid",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr650",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2331",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr665 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr158",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx7520 n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr550",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr258 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sd530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr850",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr860",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3720",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx630 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1021 edg",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3721",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3320",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr950",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr670",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3521-g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr665",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr655 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx7820",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr850 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3331",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem st258",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3530-g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx 2u4n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem st658 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sd650-n v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sd650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx7530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr850 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem st658 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sd665 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr860 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx3331-f all-flash",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5521-c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem st258 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem se350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx 4u",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx3531-f all-flash",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5520",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx7531",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3331",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr645",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr645 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx7521",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx2320",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx2330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sd630 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr258",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem st650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3520-g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx650 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx7320 n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3320",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx1021 on se350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3520-g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem st550",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sn550 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1320",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5521",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr570",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx3530 f all flash",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1321",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx630 v3 intergrated system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sn550",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem st250 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx 1se",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1331",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr250",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem st650 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5520-c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem st250",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx1320",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sd650 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx7820",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx3331-h hybrid",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx7531",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx650 v3 intergrated system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sd650 dual node tray",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr650 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile mx3330-f all-flash",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx7520",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx7821",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3375",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkedge se450",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3376",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5530",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx7520",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5531",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sr630",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3720",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinksystem sd650 dwc dual node tray",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-4607"
      }
    ]
  },
  "cve": "CVE-2023-4607",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2023-4607",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "psirt@lenovo.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.6,
            "id": "CVE-2023-4607",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2023-4607",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "psirt@lenovo.com",
            "id": "CVE-2023-4607",
            "trust": 1.0,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-4607"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-4607"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An authenticated XCC user can change permissions for any user through a crafted API command",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-4607"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-4607"
      }
    ],
    "trust": 0.99
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "LENOVO",
        "id": "LEN-140960",
        "trust": 1.1
      },
      {
        "db": "NVD",
        "id": "CVE-2023-4607",
        "trust": 1.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-4607",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-4607"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-4607"
      }
    ]
  },
  "id": "VAR-202310-1031",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.625
  },
  "last_update_date": "2024-08-14T14:42:59.045000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-269",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-4607"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.1,
        "url": "https://support.lenovo.com/us/en/product_security/len-140960"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/269.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-4607"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-4607"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2023-4607"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-4607"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-10-25T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-4607"
      },
      {
        "date": "2023-10-25T18:17:41.560000",
        "db": "NVD",
        "id": "CVE-2023-4607"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-10-25T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-4607"
      },
      {
        "date": "2023-11-07T19:14:20.553000",
        "db": "NVD",
        "id": "CVE-2023-4607"
      }
    ]
  }
}

var-202301-2329
Vulnerability from variot

A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of service. plural Lenovo The product contains a vulnerability related to out-of-bounds writes.Service operation interruption (DoS) It may be in a state

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202301-2329",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinksystem sr850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile hx7521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx2321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile mx3530-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem st250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.96_tgbt34x"
      },
      {
        "model": "thinksystem sd530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem st250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile vx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem sr258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.96_tgbt34x"
      },
      {
        "model": "thinksystem sr650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile hx3721",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile hx3321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx1021",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinksystem st550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sr665",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.10_d8bt38l"
      },
      {
        "model": "thinksystem sr150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem sr250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile mx3531-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile hx3376",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.10_d8bt38l"
      },
      {
        "model": "thinkagile vx 2u4n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile mx3530 f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile vx7520 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile mx3531 h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr670 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinkagile vx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile vx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile vx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sn850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile mx1021",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinksystem sr645",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.10_d8bt38l"
      },
      {
        "model": "thinksystem st258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.96_tgbt34x"
      },
      {
        "model": "thinkagile vx 4u",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.50_psi346l"
      },
      {
        "model": "thinkagile hx5521-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sn550 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinkagile vx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem st650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinkagile mx3330-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr590",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile mx3331-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr630",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem sr850p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinksystem sr158",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile vx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx7320 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.50_psi346l"
      },
      {
        "model": "thinksystem sn550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem sr650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sr860",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile hx3375",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.10_d8bt38l"
      },
      {
        "model": "thinkagile vx2320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sd650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinksystem sr570",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx3521-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sr550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.50_psi346l"
      },
      {
        "model": "thinkagile hx7821",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.50_psi346l"
      },
      {
        "model": "thinkagile hx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sr950",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.50_psi346l"
      },
      {
        "model": "thinkagile mx1020",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinkagile hx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx5521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx3530-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile hx1321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sd650-n v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinksystem sr670",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinkagile mx3331-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr860 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinksystem st258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem st658 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinksystem sr850 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinkagile hx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkstation p920",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx5520-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx enclosure certified node",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile vx7330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile vx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.96_tgbt34x"
      },
      {
        "model": "thinksystem sd630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinkagile vx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx 1se certified node",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem sr630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile mx3330-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sd650 dwc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile vx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile vx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkedge se450",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.10_usx304w"
      },
      {
        "model": "thinksystem se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinksystem sr258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile hx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx enclosure certified node",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1021",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012569"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34884"
      }
    ]
  },
  "cve": "CVE-2022-34884",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2022-34884",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "psirt@lenovo.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.2,
            "id": "CVE-2022-34884",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2022-34884",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-34884",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "psirt@lenovo.com",
            "id": "CVE-2022-34884",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-34884",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202301-2379",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012569"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2379"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34884"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34884"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of service. plural Lenovo The product contains a vulnerability related to out-of-bounds writes.Service operation interruption (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-34884"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012569"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-34884"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-34884",
        "trust": 3.3
      },
      {
        "db": "LENOVO",
        "id": "LEN-87734",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012569",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2379",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-34884",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-34884"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012569"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2379"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34884"
      }
    ]
  },
  "id": "VAR-202301-2329",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.625
  },
  "last_update_date": "2024-08-14T15:00:33.521000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "LEN-87734",
        "trust": 0.8,
        "url": "https://support.lenovo.com/us/en/product_security/LEN-87734"
      },
      {
        "title": "Lenovo XClarity Controller Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=224342"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Live-Hack-CVE/CVE-2022-34884 "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-34884"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012569"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2379"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-787",
        "trust": 1.0
      },
      {
        "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012569"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34884"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://support.lenovo.com/us/en/product_security/len-87734"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-34884"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-34884/"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2022-34884"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-34884"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012569"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2379"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34884"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2022-34884"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012569"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2379"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34884"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-34884"
      },
      {
        "date": "2023-08-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-012569"
      },
      {
        "date": "2023-01-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-2379"
      },
      {
        "date": "2023-01-30T22:15:11.770000",
        "db": "NVD",
        "id": "CVE-2022-34884"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-31T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-34884"
      },
      {
        "date": "2023-08-31T03:30:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-012569"
      },
      {
        "date": "2023-02-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-2379"
      },
      {
        "date": "2023-02-08T22:17:00.907000",
        "db": "NVD",
        "id": "CVE-2022-34884"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2379"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Lenovo\u00a0 Out-of-bounds write vulnerabilities in the product",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012569"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2379"
      }
    ],
    "trust": 0.6
  }
}

var-202304-2260
Vulnerability from variot

A valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as “Local First, then LDAP”. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202304-2260",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinksystem sr650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx2320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr158",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx 1se",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530 f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531 h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr950",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx1321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3375",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinksystem sr670",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem st250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkstation p920",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx5531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx2321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile mx1020",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr850p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7320 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3521-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinksystem sr850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1021",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr570",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sn550 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3530-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr860",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr670 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx7520 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx7821",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx 2u4n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr665",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3721",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx 4u",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile mx3330-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3376",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3330-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr590",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650-n v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem st658 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr860 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkedge se450",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.60_usx324o"
      },
      {
        "model": "thinkagile hx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx1021 on se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr850 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr665 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx2331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx7530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1021",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009905"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29057"
      }
    ]
  },
  "cve": "CVE-2023-29057",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2023-29057",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "psirt@lenovo.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.1,
            "id": "CVE-2023-29057",
            "impactScore": 5.2,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2023-29057",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2023-29057",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "psirt@lenovo.com",
            "id": "CVE-2023-29057",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2023-29057",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202304-2275",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009905"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2275"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29057"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29057"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A valid XCC user\u0027s local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as \u201cLocal First, then LDAP\u201d. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-29057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009905"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-29057"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-29057",
        "trust": 3.3
      },
      {
        "db": "LENOVO",
        "id": "LEN-118321",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009905",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2275",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-29057",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-29057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009905"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2275"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29057"
      }
    ]
  },
  "id": "VAR-202304-2260",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.625
  },
  "last_update_date": "2024-08-14T13:52:32.707000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Lenovo XClarity Controller Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=235813"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2275"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-276",
        "trust": 1.0
      },
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009905"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29057"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://support.lenovo.com/us/en/product_security/len-118321"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-29057"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2023-29057/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-29057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009905"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2275"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29057"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2023-29057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009905"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2275"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29057"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-04-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-29057"
      },
      {
        "date": "2023-12-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009905"
      },
      {
        "date": "2023-04-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-2275"
      },
      {
        "date": "2023-04-28T21:15:08.673000",
        "db": "NVD",
        "id": "CVE-2023-29057"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-04-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-29057"
      },
      {
        "date": "2023-12-07T02:30:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009905"
      },
      {
        "date": "2023-05-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-2275"
      },
      {
        "date": "2023-05-10T16:09:19.657000",
        "db": "NVD",
        "id": "CVE-2023-29057"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2275"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Lenovo\u00a0 Product vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009905"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2275"
      }
    ],
    "trust": 0.6
  }
}

var-202304-2262
Vulnerability from variot

A valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass message through the XCC CLI. There is no exposure if SSH is disabled or if there are no users assigned optional read-only permissions. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information may be tampered with

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202304-2262",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinksystem sr650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx2320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr158",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx 1se",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530 f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531 h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr950",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx1321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3375",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinksystem sr670",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem st250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkstation p920",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx5531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx2321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile mx1020",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr850p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7320 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3521-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinksystem sr850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1021",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr570",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sn550 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3530-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr860",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr670 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx7520 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx7821",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx 2u4n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr665",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3721",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx 4u",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile mx3330-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3376",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3330-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr590",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650-n v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem st658 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr860 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkedge se450",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.60_usx324o"
      },
      {
        "model": "thinkagile hx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx1021 on se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr850 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr665 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx7530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1021",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009601"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29058"
      }
    ]
  },
  "cve": "CVE-2023-29058",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2023-29058",
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "psirt@lenovo.com",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 0.9,
            "id": "CVE-2023-29058",
            "impactScore": 5.5,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2023-29058",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2023-29058",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "psirt@lenovo.com",
            "id": "CVE-2023-29058",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2023-29058",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202304-2274",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009601"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2274"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29058"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29058"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass message through the XCC CLI. There is no exposure if SSH is disabled or if there are no users assigned optional read-only permissions. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information may be tampered with",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-29058"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009601"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-29058"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-29058",
        "trust": 3.3
      },
      {
        "db": "LENOVO",
        "id": "LEN-118321",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009601",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2274",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-29058",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-29058"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009601"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2274"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29058"
      }
    ]
  },
  "id": "VAR-202304-2262",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.625
  },
  "last_update_date": "2024-08-14T13:52:32.640000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Lenovo XClarity Controller Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=236402"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2274"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-276",
        "trust": 1.0
      },
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009601"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29058"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://support.lenovo.com/us/en/product_security/len-118321"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-29058"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2023-29058/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-29058"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009601"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2274"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29058"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2023-29058"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009601"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2274"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-29058"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-04-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-29058"
      },
      {
        "date": "2023-12-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009601"
      },
      {
        "date": "2023-04-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-2274"
      },
      {
        "date": "2023-04-28T21:15:08.750000",
        "db": "NVD",
        "id": "CVE-2023-29058"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-04-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-29058"
      },
      {
        "date": "2023-12-06T02:46:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009601"
      },
      {
        "date": "2023-05-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-2274"
      },
      {
        "date": "2023-05-08T17:27:52.427000",
        "db": "NVD",
        "id": "CVE-2023-29058"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2274"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Lenovo\u00a0 Product vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009601"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2274"
      }
    ],
    "trust": 0.6
  }
}

var-202304-2198
Vulnerability from variot

A valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password used by XCC to authenticate to an external LDAP server in certain configurations. There is no exposure where no LDAP client password is configured. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo The product contains an insufficient credential protection vulnerability.Information may be obtained

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202304-2198",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinksystem sr650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx2320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr158",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx 1se",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530 f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531 h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr950",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx1321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3375",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinksystem sr670",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem st250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile hx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkstation p920",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem st258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx2331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx5531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx2321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr645 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile mx1020",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr850p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7320 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx3521-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx3321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinksystem sr850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1021",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr570",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sd650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sn550 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3530-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sn550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr860",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem st650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr670 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx7520 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx5521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile hx7821",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile mx3531-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinkagile vx 2u4n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr665",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile hx3721",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx5520-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinksystem sr630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile vx 4u",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.75_psi348s"
      },
      {
        "model": "thinkagile mx3330-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkagile vx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile hx3376",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile vx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile hx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3330-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sr590",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.88_cdi3a4a"
      },
      {
        "model": "thinkagile mx3331-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinksystem sd650-n v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem st658 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr860 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinkedge se450",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.60_usx324o"
      },
      {
        "model": "thinkagile hx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx3530-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.93_afbt30p"
      },
      {
        "model": "thinkagile mx1021 on se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.72_tei388s"
      },
      {
        "model": "thinksystem sr850 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.60_tgbt42h"
      },
      {
        "model": "thinksystem sr665 v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.71_d8bt48p"
      },
      {
        "model": "thinkagile hx7530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx enclosure",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3330",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1021",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx5530",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009621"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25495"
      }
    ]
  },
  "cve": "CVE-2023-25495",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.2,
            "id": "CVE-2023-25495",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.9,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2023-25495",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2023-25495",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "psirt@lenovo.com",
            "id": "CVE-2023-25495",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2023-25495",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202304-2297",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009621"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2297"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25495"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25495"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password used by XCC to authenticate to an external LDAP server in certain configurations.  There is no exposure where no LDAP client password is configured. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo The product contains an insufficient credential protection vulnerability.Information may be obtained",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-25495"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009621"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-25495"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-25495",
        "trust": 3.3
      },
      {
        "db": "LENOVO",
        "id": "LEN-99936",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009621",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2297",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-25495",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-25495"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009621"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2297"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25495"
      }
    ]
  },
  "id": "VAR-202304-2198",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.625
  },
  "last_update_date": "2024-08-14T13:20:46.997000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Lenovo XClarity Controller Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=235823"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2297"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-522",
        "trust": 1.0
      },
      {
        "problemtype": "Inadequate protection of credentials (CWE-522) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009621"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25495"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://support.lenovo.com/us/en/product_security/len-99936"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-25495"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2023-25495/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-25495"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009621"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2297"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25495"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2023-25495"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009621"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2297"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-25495"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-04-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-25495"
      },
      {
        "date": "2023-12-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009621"
      },
      {
        "date": "2023-04-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-2297"
      },
      {
        "date": "2023-04-28T22:15:08.950000",
        "db": "NVD",
        "id": "CVE-2023-25495"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-04-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-25495"
      },
      {
        "date": "2023-12-06T04:42:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009621"
      },
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202304-2297"
      },
      {
        "date": "2023-05-09T20:36:34.067000",
        "db": "NVD",
        "id": "CVE-2023-25495"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2297"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Lenovo\u00a0 Insufficient Protection of Credentials in Products Vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009621"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202304-2297"
      }
    ],
    "trust": 0.6
  }
}

var-202301-2330
Vulnerability from variot

The Remote Mount feature can potentially be abused by valid, authenticated users to make connections to internal services that may not normally be accessible to users. Internal service access controls, as applicable, remain in effect. plural Lenovo An improper comparison vulnerability exists in the product.Information may be obtained

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202301-2330",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thinksystem sr850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile hx7521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx2321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile mx3530-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem st250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.96_tgbt34x"
      },
      {
        "model": "thinksystem sd530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem st250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile vx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem sr258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.96_tgbt34x"
      },
      {
        "model": "thinksystem sr650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile hx3721",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile hx3321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx1021",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinksystem st550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sr665",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.10_d8bt38l"
      },
      {
        "model": "thinksystem sr150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem sr250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile mx3531-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile hx3376",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.10_d8bt38l"
      },
      {
        "model": "thinkagile vx 2u4n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile mx3530 f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile vx7520 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile mx3531 h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr670 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinkagile vx7531",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile vx5530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile vx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sn850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile mx1021",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinksystem sr645",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.10_d8bt38l"
      },
      {
        "model": "thinksystem st258 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.96_tgbt34x"
      },
      {
        "model": "thinkagile vx 4u",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.50_psi346l"
      },
      {
        "model": "thinkagile hx5521-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sn550 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinkagile vx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem st650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinkagile mx3330-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr590",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile mx3331-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr630",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem sr850p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinksystem sr158",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile vx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx7320 n",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.50_psi346l"
      },
      {
        "model": "thinksystem sn550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem sr650",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sr860",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile hx3375",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "4.10_d8bt38l"
      },
      {
        "model": "thinkagile vx2320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx5520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sd650 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinksystem sr570",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx3320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx3521-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sr550",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx7820",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.50_psi346l"
      },
      {
        "model": "thinkagile hx7821",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.50_psi346l"
      },
      {
        "model": "thinkagile hx3520-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sr950",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.50_psi346l"
      },
      {
        "model": "thinkagile mx1020",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinkagile hx1320",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx5521",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx3530-g",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile hx1321",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinksystem sd650-n v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinksystem sr670",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinkagile mx3331-h",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr860 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinksystem st258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem st658 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinksystem sr850 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinkagile hx3720",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkstation p920",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx5520-c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx enclosure certified node",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile vx7330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile vx7530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr250 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.96_tgbt34x"
      },
      {
        "model": "thinksystem sd630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "2.00_tgbt36o"
      },
      {
        "model": "thinkagile vx3331",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sr530",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile vx 1se certified node",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinksystem sr630 v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile mx3330-f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinksystem sd650 dwc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile vx2330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkagile vx3330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80_afbt20n"
      },
      {
        "model": "thinkedge se450",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.10_usx304w"
      },
      {
        "model": "thinksystem se350",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "3.60_tei386m"
      },
      {
        "model": "thinksystem sr258",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "5.20_tei3c8m"
      },
      {
        "model": "thinkagile hx7520",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "8.40-cdi394n"
      },
      {
        "model": "thinkagile hx1520-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1521-r",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2320-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2720-e",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile vx3331",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx enclosure certified node",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1021",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx1320",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      },
      {
        "model": "thinkagile hx2321",
        "scope": null,
        "trust": 0.8,
        "vendor": "lenovo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012565"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34888"
      }
    ]
  },
  "cve": "CVE-2022-34888",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.8,
            "id": "CVE-2022-34888",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "psirt@lenovo.com",
            "availabilityImpact": "LOW",
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.2,
            "id": "CVE-2022-34888",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "CVE-2022-34888",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-34888",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "psirt@lenovo.com",
            "id": "CVE-2022-34888",
            "trust": 1.0,
            "value": "LOW"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-34888",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202301-2376",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012565"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2376"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34888"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34888"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Remote Mount feature can potentially be abused by valid, authenticated users to make connections to internal services that may not normally be accessible to users. Internal service access controls, as applicable, remain in effect. plural Lenovo An improper comparison vulnerability exists in the product.Information may be obtained",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-34888"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012565"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-34888"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-34888",
        "trust": 3.3
      },
      {
        "db": "LENOVO",
        "id": "LEN-87734",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012565",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2376",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-34888",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-34888"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012565"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2376"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34888"
      }
    ]
  },
  "id": "VAR-202301-2330",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.625
  },
  "last_update_date": "2024-08-14T15:00:33.556000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "LEN-87734",
        "trust": 0.8,
        "url": "https://support.lenovo.com/us/en/product_security/LEN-87734"
      },
      {
        "title": "Lenovo XClarity Controller Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=223622"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Live-Hack-CVE/CVE-2022-34888 "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-34888"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012565"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2376"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-697",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-184",
        "trust": 1.0
      },
      {
        "problemtype": "Inappropriate comparison (CWE-697) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012565"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34888"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://support.lenovo.com/us/en/product_security/len-87734"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-34888"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-34888/"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2022-34888"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-34888"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012565"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2376"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34888"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2022-34888"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012565"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2376"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-34888"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-34888"
      },
      {
        "date": "2023-08-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-012565"
      },
      {
        "date": "2023-01-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-2376"
      },
      {
        "date": "2023-01-30T22:15:11.960000",
        "db": "NVD",
        "id": "CVE-2022-34888"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-31T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-34888"
      },
      {
        "date": "2023-08-31T02:42:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-012565"
      },
      {
        "date": "2023-02-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-2376"
      },
      {
        "date": "2023-02-08T22:18:21.590000",
        "db": "NVD",
        "id": "CVE-2022-34888"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2376"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Lenovo\u00a0 Improper Comparison Vulnerability in Products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012565"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-2376"
      }
    ],
    "trust": 0.6
  }
}

cve-2024-23591
Vulnerability from cvelistv5
Published
2024-02-16 16:17
Modified
2024-08-01 23:06
Summary
ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting. The server’s NIST SP 800-193-compliant Platform Firmware Resiliency (PFR) security subsystem significantly mitigates this issue.
Impacted products
Vendor Product Version
Lenovo ThinkSystem SR670 V2 Version:   < U8E126I-2.20
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-23591",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-26T15:09:19.091943Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-26T15:09:33.128Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:06:25.269Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://https://support.lenovo.com/us/en/product_security/LEN-150020"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ThinkSystem SR670 V2",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "U8E126I-2.20",
              "status": "affected",
              "version": " ",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lenovo thanks Eclypsium\u2019s Supply Chain Security Solution for identifying instances of this issue."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ean attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting.\u0026nbsp;\u003c/span\u003eThe server\u2019s NIST SP\n800-193-compliant Platform Firmware Resiliency (PFR) security subsystem\nsignificantly mitigates this issue."
            }
          ],
          "value": "ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow \n\nan attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting.\u00a0The server\u2019s NIST SP\n800-193-compliant Platform Firmware Resiliency (PFR) security subsystem\nsignificantly mitigates this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1269",
              "description": "CWE-1269 Product Released in Non-Release Configuration",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-20T21:47:49.570Z",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "url": "https://https://support.lenovo.com/us/en/product_security/LEN-150020"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update system UEFI firmware to version u8e126i-2.20 (or newer) indicated for your model in the Product Impact section of our advisory: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-150020\"\u003ehttps://support.lenovo.com/us/en/product_security/LEN-150020\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": "Update system UEFI firmware to version u8e126i-2.20 (or newer) indicated for your model in the Product Impact section of our advisory:  https://support.lenovo.com/us/en/product_security/LEN-150020 \n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2024-23591",
    "datePublished": "2024-02-16T16:17:58.614Z",
    "dateReserved": "2024-01-18T15:28:42.477Z",
    "dateUpdated": "2024-08-01T23:06:25.269Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}