Vulnerabilites related to Lenovo - ThinkSystem SR670 V2
var-202301-2263
Vulnerability from variot
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202301-2263", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thinkpad s3 2nd gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r16et33w" }, { "model": "thinkcentre m710s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1akt56a" }, { "model": "ideacentre a340-22igm", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o51kt12a" }, { "model": "thinkagile hx7531", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkcentre m70s gen 3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2tkt50a" }, { "model": "thinkserver sd350", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "5.05.0" }, { "model": "thinksystem sr630", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkagile mx3531 h", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "ideacentre gaming 5 17acn7", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o5ekt21a" }, { "model": "thinksystem dx1100u", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkagile hx5521-c", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad x1 carbon 7th gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2qet44w" }, { "model": "thinkagile hx5530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkagile hx5520", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad p14s gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n34et46w" }, { "model": "thinksystem st250 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tqe104j" }, { "model": "thinksystem dn8836", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "l0.40" }, { "model": "yta8900f", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "fwktbaa" }, { "model": "v530-15arr", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "not_affected" }, { "model": "thinkagile vx 2u4n", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "thinkagile vx2330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkagile vx7330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkagile hx7821", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "pse144n" }, { "model": "thinkagile hx3320", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad e15 gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r1eet45w" }, { "model": "thinksystem st258", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ise130e" }, { "model": "thinkpad x1 yoga 4th gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2het66w" }, { "model": "thinkstation p620", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "s07kt25a" }, { "model": "thinkagile hx3520-g", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkstation p340", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "s08kt50a" }, { "model": "thinkagile hx2330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "yangtian afq150", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "fwktbaa" }, { "model": "thinkpad p73", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2net49w" }, { "model": "thinkstation p520", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "s03kt55a" }, { "model": "thinksystem dx8200d", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkagile hx5521", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad t15p gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n30et43w" }, { "model": "thinkagile mx1021", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "hye122f" }, { "model": "ideacentre 5-14imb05", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4hkt38a" }, { "model": "thinkagile mx3520 f", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkstation p310", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "fwktbaa" }, { "model": "v530s-07icr", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m30kt26a" }, { "model": "ideacentre 5-14iob6", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3gkt33a" }, { "model": "thinkserver td350", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "5.04.0" }, { "model": "thinksystem se350", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "hye122f" }, { "model": "v530-24icb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m20kt52a" }, { "model": "thinkagile mx3331-f", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkcentre m80q", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m46kt2da" }, { "model": "thinkpad l390", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r10et51w" }, { "model": "thinkserver ts150", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "81i\\/b7s" }, { "model": "thinkpad t490s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2jet97w" }, { "model": "thinkserver rd450", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "5.05.0" }, { "model": "thinkagile hx2720-e", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "thinkpad l15 gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r1jet53w" }, { "model": "thinksystem sr670 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "u8e118m" }, { "model": "thinkagile hx1021", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "hye122f" }, { "model": "v30a-22iml", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m37kt28a" }, { "model": "v50a-24imb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m36kt28a" }, { "model": "thinkagile hx3721", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "thinkagile hx3375", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "d8e128f" }, { "model": "thinkpad x13 yoga gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2uet58w" }, { "model": "thinkagile hx3376", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "d8e128f" }, { "model": "thinkagile hx2321", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad x1 carbon 7th gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2het66w" }, { "model": "thinkagile hx7530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkpad x1 extreme 3rd gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2vet34w" }, { "model": "thinksystem sr250", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ise130e" }, { "model": "thinkcentre m70s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m43kt16a" }, { "model": "thinkpad p15v gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n30et43w" }, { "model": "thinkagile hx3321", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkagile vx5530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkagile vx3331", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkagile vx7531", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkpad e15", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r16et33w" }, { "model": "v30a-24iml", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m37kt28a" }, { "model": "ideacentre g5-14imb05", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4hkt38a" }, { "model": "thinkcentre m90t", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1akt56a" }, { "model": "thinkcentre m75t gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3bkt29a" }, { "model": "ideacentre a340-24igm", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o51kt12a" }, { "model": "thinkpad p1 gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2eet56w" }, { "model": "thinkcentre m625q", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3skt21a" }, { "model": "thinksystem sn550", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "v530s-07icb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "not_affected" }, { "model": "thinkcentre m818z", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1nkt58a" }, { "model": "thinkpad p52", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2cet61w" }, { "model": "v520", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m16kt68a" }, { "model": "v35s-07ada", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4fkt29a" }, { "model": "thinkserver sr860p", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee176k" }, { "model": "thinkcentre m70c", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3nkt20a" }, { "model": "legion t530-28apr", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4gkt16a" }, { "model": "thinkcentre m90a", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3lkt26a" }, { "model": "thinkpad l15", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r17et33w" }, { "model": "thinkcentre m910s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1akt56a" }, { "model": "thinkagile hx3521-g", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad t490", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2iet98w" }, { "model": "thinksystem hr630x", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "hr6n0661" }, { "model": "thinkcentre m80t", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1ckt49a" }, { "model": "thinkcentre m90q gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2wkt57a" }, { "model": "thinkpad t15 gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n34et46w" }, { "model": "ideacentre 3-07ada05", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4fkt29a" }, { "model": "thinkcentre m90q tiny", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2tkt50a" }, { "model": "thinkserver ts550", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "fwktb7s" }, { "model": "legion t5-26iob6", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o54kt1da" }, { "model": "thinkcentre m75s gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3bkt29a" }, { "model": "thinkcentre e96z", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m26kt22a" }, { "model": "thinkcentre m6600t", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "fwktbaa" }, { "model": "thinksystem sr158", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ise130e" }, { "model": "thinksystem sr850", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "thinksystem sr860", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "thinkcentre m60e tiny", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o5fkt14a" }, { "model": "n3310 storage", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "5.05.0" }, { "model": "thinkpad p53", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2net49w" }, { "model": "thinkcentre m70q", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2vkt1da" }, { "model": "yoga a940-27icb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o43kt43a" }, { "model": "thinkpad p14s gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2xet33w" }, { "model": "legion t530-28icb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4bkt20a" }, { "model": "thinkpad p15s gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2xet33w" }, { "model": "thinkagile hx7521", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkagile mx3321 h", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkstation p318", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1akt56a" }, { "model": "thinkpad x1 extreme 1st gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2eet56w" }, { "model": "thinkagile vx3520-g", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkcentre m6600s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "fwktbaa" }, { "model": "thinkcentre m70q gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2wkt57a" }, { "model": "thinkserver ts560", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tb1ts307" }, { "model": "v530s-07icb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m22kt48a" }, { "model": "thinkagile vx3330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinksystem hr650x", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "hr6n0661" }, { "model": "thinkserver rd350", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "5.05.0" }, { "model": "thinkstation p350 tiny", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3jkt34a" }, { "model": "thinkpad x1 extreme 2nd gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2oet54w" }, { "model": "n4610 storage", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "5.05.0" }, { "model": "thinkpad x1 yoga 6th gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2tet72w" }, { "model": "ideacentre g5-14amr05", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4zkt29a" }, { "model": "v530-15icr", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2ykt31a" }, { "model": "stadia ggp-120", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "s03kt55a" }, { "model": "thinkcentre m90a gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3jkt34a" }, { "model": "thinkcentre m75t gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3akt44a" }, { "model": "thinkpad p1 gen 3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2vet34w" }, { "model": "thinksystem sr670", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "g1e130i" }, { "model": "thinkagile mx3321 f", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad e14 gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r1eet45w" }, { "model": "thinkpad p15 gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n30et43w" }, { "model": "thinkpad x1 carbon 8th gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2wet32w" }, { "model": "thinkcentre m715q", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m16kt68a" }, { "model": "thinkstation p348", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3kkt34a" }, { "model": "ideacentre 3 07iab7", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m49kt1da" }, { "model": "thinkpad l590", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r0zet50w" }, { "model": "thinksystem sd530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "thinkcentre m8600t", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "fwktbaa" }, { "model": "thinkagile hx7520", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad p53s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2iet98w" }, { "model": "thinkagile vx3530-g", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkagile vx3720", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "thinkcentre e75s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m16kt68a" }, { "model": "thinkcentre m80s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2wkt57a" }, { "model": "thinkagile mx3530 f", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "v50a-22imb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m36kt28a" }, { "model": "thinksystem sr850p", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee176k" }, { "model": "thinkcentre m75s gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3akt44a" }, { "model": "thinkpad l13 yoga", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r15et51w" }, { "model": "thinkagile vx7320 n", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad t14 gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n34et46w" }, { "model": "thinkcentre m75t gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkedge se30", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3fkt29a" }, { "model": "thinkcentre m6600q", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "fwktbaa" }, { "model": "thinkagile mx3330-f", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinksystem sr650", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "v530-22icb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m20kt52a" }, { "model": "thinkagile hx2320-e", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkagile vx7520 n", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad x12 detachable gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r1get43w" }, { "model": "thinkserver ts450", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "fwktb7s" }, { "model": "thinkagile hx3330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinksystem st258 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tqe104j" }, { "model": "thinkcentre m820z all-in-one", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2rkt52a" }, { "model": "qt m415", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m16kt68a" }, { "model": "thinksystem sr665", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "d8e128f" }, { "model": "thinkcentre m610", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1akt56a" }, { "model": "thinkcentre m710e", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m41kt2da" }, { "model": "v50t-13imb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4hkt38a" }, { "model": "thinksystem sr860 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m5e118i" }, { "model": "thinksystem st58", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ite125a" }, { "model": "thinkcentre m710t", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m16kt68a" }, { "model": "thinkcentre m75t gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m47kt24a" }, { "model": "thinkpad l490", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r0zet50w" }, { "model": "thinkagile hx5531", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkagile vx1320", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ise130e" }, { "model": "thinksmart hub teams", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2xkt20a" }, { "model": "thinksystem sn550 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "u8e118m" }, { "model": "thinksystem sr630 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkserver rs260", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "vb1ts307" }, { "model": "thinksystem sr645", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "d8e128f" }, { "model": "thinksystem hr610x", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "hr6n0661" }, { "model": "thinkcentre m700q", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "fwktbaa" }, { "model": "ideacentre 510s-07icb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m22kt47a" }, { "model": "thinkpad e590", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r0yet48w" }, { "model": "thinkagile mx3330-h", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkpad t14s gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n35et43w" }, { "model": "thinksystem sr590", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "thinkagile hx2331", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkcentre m75q gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m33kt25a" }, { "model": "thinkpad t14 gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2xet33w" }, { "model": "v330-20icb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1qkt47a" }, { "model": "legion c530-19icb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4bkt20a" }, { "model": "ideacentre 510s-07icb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m22kt48a" }, { "model": "thinkpad p1 gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2oet54w" }, { "model": "ideacentre 510s-07ick", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m30kt26a" }, { "model": "v530-15icb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1ykt70a" }, { "model": "thinkcentre m70a", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m28kt37a" }, { "model": "v540-24iwl", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m29kt39a" }, { "model": "thinkserver rd550", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "5.03.0" }, { "model": "thinkstation p320 tiny", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1akt56a" }, { "model": "thinkpad l14", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r17et33w" }, { "model": "thinkpad r14 gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r1eet45w" }, { "model": "thinkserver sr590", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee176k" }, { "model": "thinkpad l390 yoga", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r10et51w" }, { "model": "thinkcentre m80t", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2tkt50a" }, { "model": "thinksmart hub zoom", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2xkt20a" }, { "model": "thinkserver rs160", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "vb1ts307" }, { "model": "thinksystem st550", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o0e178i" }, { "model": "thinksystem sr550", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "thinkcentre m70q gen 3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3jkt34a" }, { "model": "thinkagile hx3331", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkpad x13", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2yet34w" }, { "model": "v520s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m16kt68a" }, { "model": "thinkcentre m70t", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m41kt2da" }, { "model": "thinksmart hub 500", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m23kt29a" }, { "model": "thinkagile vx7520", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkcentre m70t gen 3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2tkt50a" }, { "model": "thinksystem sr950", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "pse144n" }, { "model": "thinkstation p340 tiny", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2wkt57a" }, { "model": "thinkagile hx1521-r", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkagile vx 1se", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ise130e" }, { "model": "thinksystem sn850", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad x390", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2jet97w" }, { "model": "thinksystem sd650 dwc dual node tray", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ote178g" }, { "model": "thinkserver sr588", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee176k" }, { "model": "thinkpad x1 carbon 9th gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2tet72w" }, { "model": "thinkserver ts250", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "81i\\/b7s" }, { "model": "thinkcentre m75n", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m30kt26a" }, { "model": "v50t-13iob g2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3gkt33a" }, { "model": "legion t7-34imz5", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4lkt1ea" }, { "model": "thinkcentre m80s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2tkt50a" }, { "model": "thinkcentre m8600s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "fwktbaa" }, { "model": "ideacentre creator 5-14iob6", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3gkt33a" }, { "model": "thinkagile vx 4u", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "pse144n" }, { "model": "thinkagile mx3530-h", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkserver ts460", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tb1ts307" }, { "model": "thinkpad x390 yoga", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2let88w" }, { "model": "thinkserver rd350g", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "vb3ts891" }, { "model": "thinkagile vx3320", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinksystem sr850p", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "thinkcentre m70a gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2skt25a" }, { "model": "thinksystem sr650 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "ideacentre gaming 5-14acn6", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o5ekt21a" }, { "model": "legion t5-28icb05", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4bkt20a" }, { "model": "thinksystem sr250 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tqe104j" }, { "model": "thinkcentre m910q", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1akt56a" }, { "model": "ideacentre 5-14are05", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4zkt29a" }, { "model": "thinkpad x13 gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n35et43w" }, { "model": "thinksystem sd630 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "u8e118m" }, { "model": "thinkagile mx certified node - all flash", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinksystem st650 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "u8e118m" }, { "model": "thinkagile mx1020", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "hye122f" }, { "model": "thinkagile hx7820", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "pse144n" }, { "model": "thinkagile mx3331-h", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinksystem st250", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ise130e" }, { "model": "thinksystem sr530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "thinkcentre m710q", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1zkt38a" }, { "model": "ideacentre c5-14imb05", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o4hkt38a" }, { "model": "thinkstation p520c", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "s03kt55a" }, { "model": "ideacentre 5-14acn6", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o5ekt21a" }, { "model": "thinkagile vx2320", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "qt m410", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m16kt68a" }, { "model": "thinkagile vx5520", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkcentre m910x", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m49kt1da" }, { "model": "thinkpad p43s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2iet98w" }, { "model": "ideacentre gaming 5 17iab7", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m42kt40a" }, { "model": "thinkagile vx7530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkcentre m75t gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m46kt2da" }, { "model": "thinkpad p15s gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n34et46w" }, { "model": "thinksystem st50", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ite125a" }, { "model": "ideacentre 3-07imb05", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2vkt1da" }, { "model": "thinkpad x1 nano gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2tet71w" }, { "model": "thinkagile hx1320", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkcentre m720e", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m11kt54a" }, { "model": "thinkagile hx1321", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkagile hx1520-r", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkcentre e75t", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m16kt68a" }, { "model": "thinkcentre m910t", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1akt56a" }, { "model": "qt b415", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m16kt68a" }, { "model": "thinkpad t15g gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n30et43w" }, { "model": "thinkagile vx 1u", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkagile hx5520-c", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkagile vx 2u", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinksystem sr258", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ise130e" }, { "model": "thinkserver rd650", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "5.05.0" }, { "model": "thinksystem sr850 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m5e118i" }, { "model": "thinkagile mx3531-f", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkpad p72", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2cet61w" }, { "model": "ideacentre 5 14iab7", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m42kt40a" }, { "model": "thinkpad t14s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2yet34w" }, { "model": "thinksystem sr258 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tqe104j" }, { "model": "thinksystem st558", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o0e178i" }, { "model": "thinkcentre neo 50s gen 3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m42kt40a" }, { "model": "thinksystem sr150", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ise130e" }, { "model": "thinkagile vx7820", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "pse144n" }, { "model": "thinkpad x13 yoga gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n39et50w" }, { "model": "thinkagile mx certified node - hybrid", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkcentre m810z all-in-one", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1ekt25a" }, { "model": "thinkpad x1 yoga 4th gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2qet44w" }, { "model": "thinkcentre m90s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2tkt50a" }, { "model": "thinkagile mx3520 h", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkpad e490", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r0yet48w" }, { "model": "thinkpad p17 gen 1", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n30et43w" }, { "model": "thinkagile hx2320", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "ive178i" }, { "model": "thinkagile hx3720", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "qitian a815", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1rkt38a" }, { "model": "thinkpad x1 titanium", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2met54w" }, { "model": "v50s-07imb", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m2vkt1da" }, { "model": "ideacentre gaming 5-14iob6", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m3gkt33a" }, { "model": "thinkpad l13", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r15et51w" }, { "model": "thinkpad e14", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r16et33w" }, { "model": "thinkpad l14 gen 2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r1jet53w" }, { "model": "v55t gen 2 13acn", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "o5jkt20a" }, { "model": "thinksystem sd650-n v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "u8e118m" }, { "model": "thinkpad e490s", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "r0yet48w" }, { "model": "thinkcentre m630e", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "m1wkt45a" }, { "model": "thinkagile hx1331", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "afe118m" }, { "model": "thinkpad x1 yoga 5th gen", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2wet32w" }, { "model": "thinksystem sd650 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "u8e118m" }, { "model": "thinkpad t15", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2xet33w" }, { "model": "thinksystem st658 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "u8e118m" }, { "model": "thinkpad t590", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "n2iet98w" }, { "model": "thinkstation p350", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "s0akt34a" }, { "model": "thinksystem sr570", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "tee178i" }, { "model": "ideacentre creator 5-14iob6", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideacentre g5-14imb05", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideacentre 3-07imb05", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideacentre 5-14imb05", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideacentre 5 14iab7", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideacentre c5-14imb05", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideacentre e96z", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideacentre 3 07iab7", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideacentre 5-14acn6", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideacentre 5-14iob6", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012567" }, { "db": "NVD", "id": "CVE-2022-40134" } ] }, "cve": "CVE-2022-40134", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 0.8, "id": "CVE-2022-40134", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "OTHER", "availabilityImpact": "None", "baseScore": 4.4, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2022-012567", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-40134", "trust": 1.0, "value": "MEDIUM" }, { "author": "psirt@lenovo.com", "id": "CVE-2022-40134", "trust": 1.0, "value": "MEDIUM" }, { "author": "OTHER", "id": "JVNDB-2022-012567", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202301-2381", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012567" }, { "db": "CNNVD", "id": "CNNVD-202301-2381" }, { "db": "NVD", "id": "CVE-2022-40134" }, { "db": "NVD", "id": "CVE-2022-40134" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory", "sources": [ { "db": "NVD", "id": "CVE-2022-40134" }, { "db": "JVNDB", "id": "JVNDB-2022-012567" }, { "db": "VULMON", "id": "CVE-2022-40134" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-40134", "trust": 3.3 }, { "db": "LENOVO", "id": "LEN-94953", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2022-012567", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202301-2381", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2022-40134", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-40134" }, { "db": "JVNDB", "id": "JVNDB-2022-012567" }, { "db": "CNNVD", "id": "CNNVD-202301-2381" }, { "db": "NVD", "id": "CVE-2022-40134" } ] }, "id": "VAR-202301-2263", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.5089285666666666 }, "last_update_date": "2024-08-14T13:52:48.472000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "LEN-94953", "trust": 0.8, "url": "https://support.lenovo.com/us/en/product_security/LEN-94953" }, { "title": "Lenovo Desktops Buffer error vulnerability fix", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=223211" }, { "title": "", "trust": 0.1, "url": "https://github.com/Live-Hack-CVE/CVE-2022-40134 " } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-40134" }, { "db": "JVNDB", "id": "JVNDB-2022-012567" }, { "db": "CNNVD", "id": "CNNVD-202301-2381" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-125", "trust": 1.0 }, { "problemtype": "Out-of-bounds read (CWE-125) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012567" }, { "db": "NVD", "id": "CVE-2022-40134" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://support.lenovo.com/us/en/product_security/len-94953" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40134" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-40134/" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2022-40134" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-40134" }, { "db": "JVNDB", "id": "JVNDB-2022-012567" }, { "db": "CNNVD", "id": "CNNVD-202301-2381" }, { "db": "NVD", "id": "CVE-2022-40134" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2022-40134" }, { "db": "JVNDB", "id": "JVNDB-2022-012567" }, { "db": "CNNVD", "id": "CNNVD-202301-2381" }, { "db": "NVD", "id": "CVE-2022-40134" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-01-30T00:00:00", "db": "VULMON", "id": "CVE-2022-40134" }, { "date": "2023-08-31T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-012567" }, { "date": "2023-01-30T00:00:00", "db": "CNNVD", "id": "CNNVD-202301-2381" }, { "date": "2023-01-30T22:15:12.180000", "db": "NVD", "id": "CVE-2022-40134" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-01-31T00:00:00", "db": "VULMON", "id": "CVE-2022-40134" }, { "date": "2023-08-31T02:59:00", "db": "JVNDB", "id": "JVNDB-2022-012567" }, { "date": "2023-02-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202301-2381" }, { "date": "2023-02-08T22:19:11.150000", "db": "NVD", "id": "CVE-2022-40134" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202301-2381" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Lenovo\u00a0 model\u0027s \u00a0SMI\u00a0Set\u00a0BIOS\u00a0Password\u00a0WMI\u00a0SMI\u00a0Handler\u00a0 Out-of-bounds read vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012567" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202301-2381" } ], "trust": 0.6 } }
var-202305-0001
Vulnerability from variot
A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo The product contains a vulnerability in format strings.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202305-0001", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thinksystem sr650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx2320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx2320-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr158", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx 1se", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2720-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530 f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531 h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr950", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx1321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3375", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinksystem sr670", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem st250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkstation p920", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx1521-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx enclosure", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx5531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx2321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile mx1020", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr850p", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7320 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3521-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinksystem sr850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1021", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr570", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1520-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sn550 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3530-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr860", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr670 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx7520 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr150", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx7821", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx 2u4n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr665", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3721", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx 4u", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile mx3330-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3376", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3330-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr590", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650-n v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem st658 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr860 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkedge se450", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.60_usx324o" }, { "model": "thinkagile hx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx1021 on se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr850 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr665 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx2331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx enclosure", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1520-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1521-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2720-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx7530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1021", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2320-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009903" }, { "db": "NVD", "id": "CVE-2023-25492" } ] }, "cve": "CVE-2023-25492", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2023-25492", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "psirt@lenovo.com", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "id": "CVE-2023-25492", "impactScore": 3.4, "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2023-25492", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-25492", "trust": 1.0, "value": "HIGH" }, { "author": "psirt@lenovo.com", "id": "CVE-2023-25492", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2023-25492", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202305-037", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009903" }, { "db": "CNNVD", "id": "CNNVD-202305-037" }, { "db": "NVD", "id": "CVE-2023-25492" }, { "db": "NVD", "id": "CVE-2023-25492" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo The product contains a vulnerability in format strings.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2023-25492" }, { "db": "JVNDB", "id": "JVNDB-2023-009903" }, { "db": "VULMON", "id": "CVE-2023-25492" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-25492", "trust": 3.3 }, { "db": "LENOVO", "id": "LEN-99936", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2023-009903", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202305-037", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-25492", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-25492" }, { "db": "JVNDB", "id": "JVNDB-2023-009903" }, { "db": "CNNVD", "id": "CNNVD-202305-037" }, { "db": "NVD", "id": "CVE-2023-25492" } ] }, "id": "VAR-202305-0001", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.625 }, "last_update_date": "2024-08-14T13:20:47.027000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Lenovo XClarity Controller Fixes for formatting string error vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=236960" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202305-037" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-134", "trust": 1.0 }, { "problemtype": "Format string problem (CWE-134) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009903" }, { "db": "NVD", "id": "CVE-2023-25492" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://support.lenovo.com/us/en/product_security/len-99936" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-25492" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-25492/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-25492" }, { "db": "JVNDB", "id": "JVNDB-2023-009903" }, { "db": "CNNVD", "id": "CNNVD-202305-037" }, { "db": "NVD", "id": "CVE-2023-25492" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2023-25492" }, { "db": "JVNDB", "id": "JVNDB-2023-009903" }, { "db": "CNNVD", "id": "CNNVD-202305-037" }, { "db": "NVD", "id": "CVE-2023-25492" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-05-01T00:00:00", "db": "VULMON", "id": "CVE-2023-25492" }, { "date": "2023-12-07T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-009903" }, { "date": "2023-05-01T00:00:00", "db": "CNNVD", "id": "CNNVD-202305-037" }, { "date": "2023-05-01T15:15:09.290000", "db": "NVD", "id": "CVE-2023-25492" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-05-01T00:00:00", "db": "VULMON", "id": "CVE-2023-25492" }, { "date": "2023-12-07T02:24:00", "db": "JVNDB", "id": "JVNDB-2023-009903" }, { "date": "2023-05-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202305-037" }, { "date": "2023-05-10T13:37:50.410000", "db": "NVD", "id": "CVE-2023-25492" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202305-037" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Lenovo\u00a0 Product Format String Vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009903" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "format string error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202305-037" } ], "trust": 0.6 } }
var-202304-2261
Vulnerability from variot
A valid LDAP user, under specific conditions, will default to read-only permissions when authenticating into XCC. To be vulnerable, XCC must be configured to use an LDAP server for Authentication/Authorization and have the login permission attribute not defined. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information may be obtained
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-2261", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thinksystem sr650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx2320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx2320-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr158", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx 1se", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2720-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530 f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531 h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr950", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx1321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3375", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinksystem sr670", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem st250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkstation p920", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx1521-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx enclosure", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx5531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx2321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile mx1020", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr850p", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7320 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3521-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinksystem sr850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1021", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr570", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1520-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sn550 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3530-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr860", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr670 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx7520 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr150", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx7821", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx 2u4n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr665", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3721", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx 4u", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile mx3330-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3376", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3330-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr590", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650-n v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem st658 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr860 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkedge se450", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.60_usx324o" }, { "model": "thinkagile hx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx1021 on se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr850 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr665 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx7530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2320-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx enclosure", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1521-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2720-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1021", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1520-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009586" }, { "db": "NVD", "id": "CVE-2023-29056" } ] }, "cve": "CVE-2023-29056", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.2, "id": "CVE-2023-29056", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "psirt@lenovo.com", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 3.9, "id": "CVE-2023-29056", "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, { "attackComplexity": "High", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.9, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2023-29056", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-29056", "trust": 1.0, "value": "MEDIUM" }, { "author": "psirt@lenovo.com", "id": "CVE-2023-29056", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2023-29056", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202304-2294", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009586" }, { "db": "CNNVD", "id": "CNNVD-202304-2294" }, { "db": "NVD", "id": "CVE-2023-29056" }, { "db": "NVD", "id": "CVE-2023-29056" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A valid LDAP user, under specific conditions, will default to read-only permissions when authenticating into XCC. To be vulnerable, XCC must be configured to use an LDAP server for Authentication/Authorization and have the login permission attribute not defined. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information may be obtained", "sources": [ { "db": "NVD", "id": "CVE-2023-29056" }, { "db": "JVNDB", "id": "JVNDB-2023-009586" }, { "db": "VULMON", "id": "CVE-2023-29056" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-29056", "trust": 3.3 }, { "db": "LENOVO", "id": "LEN-118321", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2023-009586", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202304-2294", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-29056", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-29056" }, { "db": "JVNDB", "id": "JVNDB-2023-009586" }, { "db": "CNNVD", "id": "CNNVD-202304-2294" }, { "db": "NVD", "id": "CVE-2023-29056" } ] }, "id": "VAR-202304-2261", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.625 }, "last_update_date": "2024-08-14T13:52:32.678000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Lenovo XClarity Controller Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=235821" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2294" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-269", "trust": 1.0 }, { "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009586" }, { "db": "NVD", "id": "CVE-2023-29056" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://support.lenovo.com/us/en/product_security/len-118321" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-29056" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-29056/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-29056" }, { "db": "JVNDB", "id": "JVNDB-2023-009586" }, { "db": "CNNVD", "id": "CNNVD-202304-2294" }, { "db": "NVD", "id": "CVE-2023-29056" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2023-29056" }, { "db": "JVNDB", "id": "JVNDB-2023-009586" }, { "db": "CNNVD", "id": "CNNVD-202304-2294" }, { "db": "NVD", "id": "CVE-2023-29056" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-04-28T00:00:00", "db": "VULMON", "id": "CVE-2023-29056" }, { "date": "2023-12-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-009586" }, { "date": "2023-04-28T00:00:00", "db": "CNNVD", "id": "CNNVD-202304-2294" }, { "date": "2023-04-28T22:15:09.073000", "db": "NVD", "id": "CVE-2023-29056" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-04-28T00:00:00", "db": "VULMON", "id": "CVE-2023-29056" }, { "date": "2023-12-06T02:39:00", "db": "JVNDB", "id": "JVNDB-2023-009586" }, { "date": "2023-05-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202304-2294" }, { "date": "2023-05-08T18:02:21.357000", "db": "NVD", "id": "CVE-2023-29056" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2294" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Lenovo\u00a0 Product vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009586" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2294" } ], "trust": 0.6 } }
var-202305-0002
Vulnerability from variot
A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202305-0002", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thinksystem sr650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx2320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx2320-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr158", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx 1se", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2720-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530 f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531 h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr950", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx1321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3375", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinksystem sr670", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem st250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkstation p920", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx1521-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx enclosure", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx5531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx2321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile mx1020", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr850p", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7320 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3521-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinksystem sr850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1021", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr570", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1520-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sn550 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3530-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr860", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr670 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx7520 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr150", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx7821", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx 2u4n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr665", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3721", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx 4u", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile mx3330-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3376", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3330-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr590", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650-n v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem st658 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr860 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkedge se450", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.60_usx324o" }, { "model": "thinkagile hx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx1021 on se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr850 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr665 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx2331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx enclosure", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1520-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1521-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2720-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx7530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1021", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2320-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009904" }, { "db": "NVD", "id": "CVE-2023-0683" } ] }, "cve": "CVE-2023-0683", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2023-0683", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "psirt@lenovo.com", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2023-0683", "impactScore": 5.5, "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2023-0683", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-0683", "trust": 1.0, "value": "HIGH" }, { "author": "psirt@lenovo.com", "id": "CVE-2023-0683", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2023-0683", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202305-007", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009904" }, { "db": "CNNVD", "id": "CNNVD-202305-007" }, { "db": "NVD", "id": "CVE-2023-0683" }, { "db": "NVD", "id": "CVE-2023-0683" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2023-0683" }, { "db": "JVNDB", "id": "JVNDB-2023-009904" }, { "db": "VULMON", "id": "CVE-2023-0683" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-0683", "trust": 3.3 }, { "db": "LENOVO", "id": "LEN-99936", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2023-009904", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202305-007", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-0683", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-0683" }, { "db": "JVNDB", "id": "JVNDB-2023-009904" }, { "db": "CNNVD", "id": "CNNVD-202305-007" }, { "db": "NVD", "id": "CVE-2023-0683" } ] }, "id": "VAR-202305-0002", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.625 }, "last_update_date": "2024-08-14T13:20:47.056000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Lenovo XClarity Controller Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=235607" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202305-007" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 1.0 }, { "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009904" }, { "db": "NVD", "id": "CVE-2023-0683" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://support.lenovo.com/us/en/product_security/len-99936" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0683" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-0683/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-0683" }, { "db": "JVNDB", "id": "JVNDB-2023-009904" }, { "db": "CNNVD", "id": "CNNVD-202305-007" }, { "db": "NVD", "id": "CVE-2023-0683" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2023-0683" }, { "db": "JVNDB", "id": "JVNDB-2023-009904" }, { "db": "CNNVD", "id": "CNNVD-202305-007" }, { "db": "NVD", "id": "CVE-2023-0683" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-05-01T00:00:00", "db": "VULMON", "id": "CVE-2023-0683" }, { "date": "2023-12-07T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-009904" }, { "date": "2023-05-01T00:00:00", "db": "CNNVD", "id": "CNNVD-202305-007" }, { "date": "2023-05-01T15:15:09.223000", "db": "NVD", "id": "CVE-2023-0683" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-05-01T00:00:00", "db": "VULMON", "id": "CVE-2023-0683" }, { "date": "2023-12-07T02:26:00", "db": "JVNDB", "id": "JVNDB-2023-009904" }, { "date": "2023-05-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202305-007" }, { "date": "2023-05-10T13:24:14.720000", "db": "NVD", "id": "CVE-2023-0683" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202305-007" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Lenovo\u00a0 Product vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009904" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202305-007" } ], "trust": 0.6 } }
var-202310-1031
Vulnerability from variot
An authenticated XCC user can change permissions for any user through a crafted API command
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202310-1031", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thinksystem sr860 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr590", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2321", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1521-r", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr630 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr630 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr670 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr675 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr635 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx edge- mx1020", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sn850", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx5530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx7330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr850p", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx7530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3321", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx5520", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx3530-h hybrid", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx3330-h hybrid", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx3531 h hybrid", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr650", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2331", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr665 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2320-e", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr158", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2720-e", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx7520 n", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr550", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr258 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sd530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr850", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr860", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3720", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx630 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1021 edg", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3721", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3320", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr950", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr670", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3521-g", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr665", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr655 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx7820", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr850 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3331", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem st258", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3530-g", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx 2u4n", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem st658 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sd650-n v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sd650 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx7530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr850 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem st658 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sd665 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr860 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx3331-f all-flash", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5521-c", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem st258 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx enclosure", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem se350", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx 4u", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx3531-f all-flash", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5520", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx7531", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3331", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr645", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr645 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx7521", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx2320", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx2330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sd630 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr258", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem st650 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3520-g", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx650 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx7320 n", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3320", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx1021 on se350", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3520-g", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem st550", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sn550 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1320", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5521", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr570", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx3530 f all flash", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1321", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1520-r", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx630 v3 intergrated system", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr650 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sn550", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem st250 v2", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx 1se", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1331", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr250", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr150", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem st650 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5520-c", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem st250", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx1320", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sd650 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx7820", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx3331-h hybrid", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx7531", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx650 v3 intergrated system", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sd650 dual node tray", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr650 v3", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile mx3330-f all-flash", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx7520", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx7821", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3375", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkedge se450", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3376", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5530", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx7520", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5531", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sr630", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3720", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinksystem sd650 dwc dual node tray", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null } ], "sources": [ { "db": "NVD", "id": "CVE-2023-4607" } ] }, "cve": "CVE-2023-4607", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2023-4607", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "psirt@lenovo.com", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.6, "id": "CVE-2023-4607", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-4607", "trust": 1.0, "value": "HIGH" }, { "author": "psirt@lenovo.com", "id": "CVE-2023-4607", "trust": 1.0, "value": "HIGH" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2023-4607" }, { "db": "NVD", "id": "CVE-2023-4607" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "An authenticated XCC user can change permissions for any user through a crafted API command", "sources": [ { "db": "NVD", "id": "CVE-2023-4607" }, { "db": "VULMON", "id": "CVE-2023-4607" } ], "trust": 0.99 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "LENOVO", "id": "LEN-140960", "trust": 1.1 }, { "db": "NVD", "id": "CVE-2023-4607", "trust": 1.1 }, { "db": "VULMON", "id": "CVE-2023-4607", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-4607" }, { "db": "NVD", "id": "CVE-2023-4607" } ] }, "id": "VAR-202310-1031", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.625 }, "last_update_date": "2024-08-14T14:42:59.045000Z", "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-269", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2023-4607" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.1, "url": "https://support.lenovo.com/us/en/product_security/len-140960" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/269.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-4607" }, { "db": "NVD", "id": "CVE-2023-4607" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2023-4607" }, { "db": "NVD", "id": "CVE-2023-4607" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-10-25T00:00:00", "db": "VULMON", "id": "CVE-2023-4607" }, { "date": "2023-10-25T18:17:41.560000", "db": "NVD", "id": "CVE-2023-4607" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-10-25T00:00:00", "db": "VULMON", "id": "CVE-2023-4607" }, { "date": "2023-11-07T19:14:20.553000", "db": "NVD", "id": "CVE-2023-4607" } ] } }
var-202301-2329
Vulnerability from variot
A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of service. plural Lenovo The product contains a vulnerability related to out-of-bounds writes.Service operation interruption (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202301-2329", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thinksystem sr850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile hx7521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx2321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx2720-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile mx3530-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem st250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.96_tgbt34x" }, { "model": "thinksystem sd530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem st250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile vx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem sr258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.96_tgbt34x" }, { "model": "thinksystem sr650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile hx3721", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile hx3321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx1021", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinksystem st550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sr665", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.10_d8bt38l" }, { "model": "thinksystem sr150", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem sr250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile mx3531-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile hx3376", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.10_d8bt38l" }, { "model": "thinkagile vx 2u4n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile mx3530 f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile vx7520 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile mx3531 h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr670 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinkagile vx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile vx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile vx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sn850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile mx1021", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinksystem sr645", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.10_d8bt38l" }, { "model": "thinksystem st258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.96_tgbt34x" }, { "model": "thinkagile vx 4u", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.50_psi346l" }, { "model": "thinkagile hx5521-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sn550 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinkagile vx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem st650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinkagile mx3330-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr590", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile mx3331-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr630", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem sr850p", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinksystem sr158", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile vx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx7320 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.50_psi346l" }, { "model": "thinksystem sn550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem sr650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sr860", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile hx3375", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.10_d8bt38l" }, { "model": "thinkagile vx2320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sd650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinksystem sr570", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx2320-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx1520-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx3521-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sr550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.50_psi346l" }, { "model": "thinkagile hx7821", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.50_psi346l" }, { "model": "thinkagile hx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sr950", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.50_psi346l" }, { "model": "thinkagile mx1020", "scope": "lte", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinkagile hx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx5521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx3530-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile hx1321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sd650-n v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinksystem sr670", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinkagile mx3331-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr860 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinksystem st258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem st658 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinksystem sr850 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinkagile hx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkstation p920", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx5520-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx enclosure certified node", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile vx7330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile vx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.96_tgbt34x" }, { "model": "thinksystem sd630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinkagile vx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx 1se certified node", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem sr630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile hx1521-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile mx3330-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sd650 dwc", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile vx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile vx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkedge se450", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.10_usx304w" }, { "model": "thinksystem se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinksystem sr258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile hx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx1520-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1521-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2320-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2720-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx enclosure certified node", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1021", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012569" }, { "db": "NVD", "id": "CVE-2022-34884" } ] }, "cve": "CVE-2022-34884", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2022-34884", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "psirt@lenovo.com", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.2, "id": "CVE-2022-34884", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2022-34884", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-34884", "trust": 1.0, "value": "MEDIUM" }, { "author": "psirt@lenovo.com", "id": "CVE-2022-34884", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2022-34884", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202301-2379", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012569" }, { "db": "CNNVD", "id": "CNNVD-202301-2379" }, { "db": "NVD", "id": "CVE-2022-34884" }, { "db": "NVD", "id": "CVE-2022-34884" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of service. plural Lenovo The product contains a vulnerability related to out-of-bounds writes.Service operation interruption (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2022-34884" }, { "db": "JVNDB", "id": "JVNDB-2022-012569" }, { "db": "VULMON", "id": "CVE-2022-34884" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-34884", "trust": 3.3 }, { "db": "LENOVO", "id": "LEN-87734", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2022-012569", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202301-2379", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2022-34884", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-34884" }, { "db": "JVNDB", "id": "JVNDB-2022-012569" }, { "db": "CNNVD", "id": "CNNVD-202301-2379" }, { "db": "NVD", "id": "CVE-2022-34884" } ] }, "id": "VAR-202301-2329", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.625 }, "last_update_date": "2024-08-14T15:00:33.521000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "LEN-87734", "trust": 0.8, "url": "https://support.lenovo.com/us/en/product_security/LEN-87734" }, { "title": "Lenovo XClarity Controller Buffer error vulnerability fix", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=224342" }, { "title": "", "trust": 0.1, "url": "https://github.com/Live-Hack-CVE/CVE-2022-34884 " } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-34884" }, { "db": "JVNDB", "id": "JVNDB-2022-012569" }, { "db": "CNNVD", "id": "CNNVD-202301-2379" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-121", "trust": 1.0 }, { "problemtype": "CWE-787", "trust": 1.0 }, { "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012569" }, { "db": "NVD", "id": "CVE-2022-34884" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://support.lenovo.com/us/en/product_security/len-87734" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-34884" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-34884/" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2022-34884" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-34884" }, { "db": "JVNDB", "id": "JVNDB-2022-012569" }, { "db": "CNNVD", "id": "CNNVD-202301-2379" }, { "db": "NVD", "id": "CVE-2022-34884" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2022-34884" }, { "db": "JVNDB", "id": "JVNDB-2022-012569" }, { "db": "CNNVD", "id": "CNNVD-202301-2379" }, { "db": "NVD", "id": "CVE-2022-34884" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-01-30T00:00:00", "db": "VULMON", "id": "CVE-2022-34884" }, { "date": "2023-08-31T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-012569" }, { "date": "2023-01-30T00:00:00", "db": "CNNVD", "id": "CNNVD-202301-2379" }, { "date": "2023-01-30T22:15:11.770000", "db": "NVD", "id": "CVE-2022-34884" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-01-31T00:00:00", "db": "VULMON", "id": "CVE-2022-34884" }, { "date": "2023-08-31T03:30:00", "db": "JVNDB", "id": "JVNDB-2022-012569" }, { "date": "2023-02-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202301-2379" }, { "date": "2023-02-08T22:17:00.907000", "db": "NVD", "id": "CVE-2022-34884" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202301-2379" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Lenovo\u00a0 Out-of-bounds write vulnerabilities in the product", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012569" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202301-2379" } ], "trust": 0.6 } }
var-202304-2260
Vulnerability from variot
A valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as “Local First, then LDAP”. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-2260", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thinksystem sr650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx2320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx2320-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr158", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx 1se", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2720-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530 f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531 h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr950", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx1321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3375", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinksystem sr670", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem st250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkstation p920", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx1521-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx enclosure", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx5531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx2321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile mx1020", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr850p", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7320 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3521-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinksystem sr850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1021", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr570", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1520-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sn550 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3530-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr860", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr670 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx7520 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr150", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx7821", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx 2u4n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr665", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3721", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx 4u", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile mx3330-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3376", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3330-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr590", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650-n v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem st658 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr860 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkedge se450", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.60_usx324o" }, { "model": "thinkagile hx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx1021 on se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr850 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr665 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx2331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx enclosure", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1520-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1521-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2720-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx7530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1021", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2320-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009905" }, { "db": "NVD", "id": "CVE-2023-29057" } ] }, "cve": "CVE-2023-29057", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2023-29057", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "psirt@lenovo.com", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 2.1, "id": "CVE-2023-29057", "impactScore": 5.2, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2023-29057", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-29057", "trust": 1.0, "value": "HIGH" }, { "author": "psirt@lenovo.com", "id": "CVE-2023-29057", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2023-29057", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202304-2275", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009905" }, { "db": "CNNVD", "id": "CNNVD-202304-2275" }, { "db": "NVD", "id": "CVE-2023-29057" }, { "db": "NVD", "id": "CVE-2023-29057" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A valid XCC user\u0027s local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as \u201cLocal First, then LDAP\u201d. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2023-29057" }, { "db": "JVNDB", "id": "JVNDB-2023-009905" }, { "db": "VULMON", "id": "CVE-2023-29057" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-29057", "trust": 3.3 }, { "db": "LENOVO", "id": "LEN-118321", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2023-009905", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202304-2275", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-29057", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-29057" }, { "db": "JVNDB", "id": "JVNDB-2023-009905" }, { "db": "CNNVD", "id": "CNNVD-202304-2275" }, { "db": "NVD", "id": "CVE-2023-29057" } ] }, "id": "VAR-202304-2260", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.625 }, "last_update_date": "2024-08-14T13:52:32.707000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Lenovo XClarity Controller Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=235813" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2275" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-276", "trust": 1.0 }, { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009905" }, { "db": "NVD", "id": "CVE-2023-29057" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://support.lenovo.com/us/en/product_security/len-118321" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-29057" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-29057/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-29057" }, { "db": "JVNDB", "id": "JVNDB-2023-009905" }, { "db": "CNNVD", "id": "CNNVD-202304-2275" }, { "db": "NVD", "id": "CVE-2023-29057" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2023-29057" }, { "db": "JVNDB", "id": "JVNDB-2023-009905" }, { "db": "CNNVD", "id": "CNNVD-202304-2275" }, { "db": "NVD", "id": "CVE-2023-29057" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-04-28T00:00:00", "db": "VULMON", "id": "CVE-2023-29057" }, { "date": "2023-12-07T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-009905" }, { "date": "2023-04-28T00:00:00", "db": "CNNVD", "id": "CNNVD-202304-2275" }, { "date": "2023-04-28T21:15:08.673000", "db": "NVD", "id": "CVE-2023-29057" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-04-28T00:00:00", "db": "VULMON", "id": "CVE-2023-29057" }, { "date": "2023-12-07T02:30:00", "db": "JVNDB", "id": "JVNDB-2023-009905" }, { "date": "2023-05-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202304-2275" }, { "date": "2023-05-10T16:09:19.657000", "db": "NVD", "id": "CVE-2023-29057" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2275" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Lenovo\u00a0 Product vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009905" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2275" } ], "trust": 0.6 } }
var-202304-2262
Vulnerability from variot
A valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass message through the XCC CLI. There is no exposure if SSH is disabled or if there are no users assigned optional read-only permissions. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-2262", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thinksystem sr650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx2320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx2320-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr158", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx 1se", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2720-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530 f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531 h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr950", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx1321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3375", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinksystem sr670", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem st250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkstation p920", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx1521-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx enclosure", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx5531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx2321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile mx1020", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr850p", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7320 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3521-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinksystem sr850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1021", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr570", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1520-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sn550 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3530-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr860", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr670 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx7520 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr150", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx7821", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx 2u4n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr665", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3721", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx 4u", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile mx3330-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3376", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3330-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr590", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650-n v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem st658 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr860 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkedge se450", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.60_usx324o" }, { "model": "thinkagile hx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx1021 on se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr850 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr665 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx7530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2320-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx enclosure", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1521-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2720-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1021", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1520-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009601" }, { "db": "NVD", "id": "CVE-2023-29058" } ] }, "cve": "CVE-2023-29058", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2023-29058", "impactScore": 3.6, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "psirt@lenovo.com", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 0.9, "id": "CVE-2023-29058", "impactScore": 5.5, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2023-29058", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-29058", "trust": 1.0, "value": "MEDIUM" }, { "author": "psirt@lenovo.com", "id": "CVE-2023-29058", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2023-29058", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202304-2274", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009601" }, { "db": "CNNVD", "id": "CNNVD-202304-2274" }, { "db": "NVD", "id": "CVE-2023-29058" }, { "db": "NVD", "id": "CVE-2023-29058" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass message through the XCC CLI. There is no exposure if SSH is disabled or if there are no users assigned optional read-only permissions. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo There are unspecified vulnerabilities in the product.Information may be tampered with", "sources": [ { "db": "NVD", "id": "CVE-2023-29058" }, { "db": "JVNDB", "id": "JVNDB-2023-009601" }, { "db": "VULMON", "id": "CVE-2023-29058" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-29058", "trust": 3.3 }, { "db": "LENOVO", "id": "LEN-118321", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2023-009601", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202304-2274", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-29058", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-29058" }, { "db": "JVNDB", "id": "JVNDB-2023-009601" }, { "db": "CNNVD", "id": "CNNVD-202304-2274" }, { "db": "NVD", "id": "CVE-2023-29058" } ] }, "id": "VAR-202304-2262", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.625 }, "last_update_date": "2024-08-14T13:52:32.640000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Lenovo XClarity Controller Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=236402" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2274" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-276", "trust": 1.0 }, { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009601" }, { "db": "NVD", "id": "CVE-2023-29058" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://support.lenovo.com/us/en/product_security/len-118321" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-29058" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-29058/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-29058" }, { "db": "JVNDB", "id": "JVNDB-2023-009601" }, { "db": "CNNVD", "id": "CNNVD-202304-2274" }, { "db": "NVD", "id": "CVE-2023-29058" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2023-29058" }, { "db": "JVNDB", "id": "JVNDB-2023-009601" }, { "db": "CNNVD", "id": "CNNVD-202304-2274" }, { "db": "NVD", "id": "CVE-2023-29058" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-04-28T00:00:00", "db": "VULMON", "id": "CVE-2023-29058" }, { "date": "2023-12-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-009601" }, { "date": "2023-04-28T00:00:00", "db": "CNNVD", "id": "CNNVD-202304-2274" }, { "date": "2023-04-28T21:15:08.750000", "db": "NVD", "id": "CVE-2023-29058" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-04-28T00:00:00", "db": "VULMON", "id": "CVE-2023-29058" }, { "date": "2023-12-06T02:46:00", "db": "JVNDB", "id": "JVNDB-2023-009601" }, { "date": "2023-05-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202304-2274" }, { "date": "2023-05-08T17:27:52.427000", "db": "NVD", "id": "CVE-2023-29058" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2274" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Lenovo\u00a0 Product vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009601" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2274" } ], "trust": 0.6 } }
var-202304-2198
Vulnerability from variot
A valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password used by XCC to authenticate to an external LDAP server in certain configurations. There is no exposure where no LDAP client password is configured. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo The product contains an insufficient credential protection vulnerability.Information may be obtained
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-2198", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thinksystem sr650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx2320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx2320-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr158", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx 1se", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2720-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530 f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531 h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr950", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx1321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3375", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinksystem sr670", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem st250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile hx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkstation p920", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem st258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx1521-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx2331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx enclosure", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx5531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx2321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr645 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile mx1020", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr850p", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7320 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx3521-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx3321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinksystem sr850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1021", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr570", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sd650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx1520-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sn550 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3530-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sn550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr860", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem st650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr670 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx7520 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx5521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr150", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile hx7821", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile mx3531-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinkagile vx 2u4n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr665", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile hx3721", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx5520-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinksystem sr630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile vx 4u", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.75_psi348s" }, { "model": "thinkagile mx3330-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkagile vx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile hx3376", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile vx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile hx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3330-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sr590", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.88_cdi3a4a" }, { "model": "thinkagile mx3331-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinksystem sd650-n v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem st658 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr860 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinkedge se450", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.60_usx324o" }, { "model": "thinkagile hx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx3530-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.93_afbt30p" }, { "model": "thinkagile mx1021 on se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.72_tei388s" }, { "model": "thinksystem sr850 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.60_tgbt42h" }, { "model": "thinksystem sr665 v3", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.71_d8bt48p" }, { "model": "thinkagile hx7530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2320-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx enclosure", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1521-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2720-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3330", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1021", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1520-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx5530", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009621" }, { "db": "NVD", "id": "CVE-2023-25495" } ] }, "cve": "CVE-2023-25495", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.2, "id": "CVE-2023-25495", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.9, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2023-25495", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-25495", "trust": 1.0, "value": "MEDIUM" }, { "author": "psirt@lenovo.com", "id": "CVE-2023-25495", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2023-25495", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202304-2297", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009621" }, { "db": "CNNVD", "id": "CNNVD-202304-2297" }, { "db": "NVD", "id": "CVE-2023-25495" }, { "db": "NVD", "id": "CVE-2023-25495" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password used by XCC to authenticate to an external LDAP server in certain configurations. There is no exposure where no LDAP client password is configured. thinkagile hx5530 firmware, thinkagile hx7530 firmware, ThinkAgile VX3331 firmware etc. Lenovo The product contains an insufficient credential protection vulnerability.Information may be obtained", "sources": [ { "db": "NVD", "id": "CVE-2023-25495" }, { "db": "JVNDB", "id": "JVNDB-2023-009621" }, { "db": "VULMON", "id": "CVE-2023-25495" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-25495", "trust": 3.3 }, { "db": "LENOVO", "id": "LEN-99936", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2023-009621", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202304-2297", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-25495", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-25495" }, { "db": "JVNDB", "id": "JVNDB-2023-009621" }, { "db": "CNNVD", "id": "CNNVD-202304-2297" }, { "db": "NVD", "id": "CVE-2023-25495" } ] }, "id": "VAR-202304-2198", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.625 }, "last_update_date": "2024-08-14T13:20:46.997000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Lenovo XClarity Controller Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=235823" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2297" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-522", "trust": 1.0 }, { "problemtype": "Inadequate protection of credentials (CWE-522) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009621" }, { "db": "NVD", "id": "CVE-2023-25495" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://support.lenovo.com/us/en/product_security/len-99936" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-25495" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-25495/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-25495" }, { "db": "JVNDB", "id": "JVNDB-2023-009621" }, { "db": "CNNVD", "id": "CNNVD-202304-2297" }, { "db": "NVD", "id": "CVE-2023-25495" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2023-25495" }, { "db": "JVNDB", "id": "JVNDB-2023-009621" }, { "db": "CNNVD", "id": "CNNVD-202304-2297" }, { "db": "NVD", "id": "CVE-2023-25495" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-04-28T00:00:00", "db": "VULMON", "id": "CVE-2023-25495" }, { "date": "2023-12-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-009621" }, { "date": "2023-04-28T00:00:00", "db": "CNNVD", "id": "CNNVD-202304-2297" }, { "date": "2023-04-28T22:15:08.950000", "db": "NVD", "id": "CVE-2023-25495" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-04-28T00:00:00", "db": "VULMON", "id": "CVE-2023-25495" }, { "date": "2023-12-06T04:42:00", "db": "JVNDB", "id": "JVNDB-2023-009621" }, { "date": "2023-05-10T00:00:00", "db": "CNNVD", "id": "CNNVD-202304-2297" }, { "date": "2023-05-09T20:36:34.067000", "db": "NVD", "id": "CVE-2023-25495" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2297" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Lenovo\u00a0 Insufficient Protection of Credentials in Products Vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009621" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202304-2297" } ], "trust": 0.6 } }
var-202301-2330
Vulnerability from variot
The Remote Mount feature can potentially be abused by valid, authenticated users to make connections to internal services that may not normally be accessible to users. Internal service access controls, as applicable, remain in effect. plural Lenovo An improper comparison vulnerability exists in the product.Information may be obtained
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202301-2330", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thinksystem sr850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile hx7521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx2321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx2720-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile mx3530-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem st250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.96_tgbt34x" }, { "model": "thinksystem sd530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem st250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile vx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem sr258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.96_tgbt34x" }, { "model": "thinksystem sr650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile hx3721", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile hx3321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx1021", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinksystem st550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sr665", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.10_d8bt38l" }, { "model": "thinksystem sr150", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem sr250", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile mx3531-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile hx3376", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.10_d8bt38l" }, { "model": "thinkagile vx 2u4n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile mx3530 f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile vx7520 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile mx3531 h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr670 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinkagile vx7531", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile vx5530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile vx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sn850", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile mx1021", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinksystem sr645", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.10_d8bt38l" }, { "model": "thinksystem st258 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.96_tgbt34x" }, { "model": "thinkagile vx 4u", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.50_psi346l" }, { "model": "thinkagile hx5521-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sn550 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinkagile vx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem st650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinkagile mx3330-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr590", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile mx3331-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr630", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem sr850p", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinksystem sr158", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile vx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx7320 n", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.50_psi346l" }, { "model": "thinksystem sn550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem sr650", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sr860", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile hx3375", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "4.10_d8bt38l" }, { "model": "thinkagile vx2320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx5520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sd650 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinksystem sr570", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx2320-e", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx1520-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx3320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx3521-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sr550", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx7820", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.50_psi346l" }, { "model": "thinkagile hx7821", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.50_psi346l" }, { "model": "thinkagile hx3520-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sr950", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.50_psi346l" }, { "model": "thinkagile mx1020", "scope": "lte", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinkagile hx1320", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx5521", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx3530-g", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile hx1321", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinksystem sd650-n v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinksystem sr670", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinkagile mx3331-h", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr860 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinksystem st258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem st658 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinksystem sr850 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinkagile hx3720", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkstation p920", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx5520-c", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx enclosure certified node", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile vx7330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile vx7530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr250 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.96_tgbt34x" }, { "model": "thinksystem sd630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "2.00_tgbt36o" }, { "model": "thinkagile vx3331", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sr530", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile vx 1se certified node", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinksystem sr630 v2", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile hx1521-r", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile mx3330-f", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinksystem sd650 dwc", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile vx2330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkagile vx3330", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.80_afbt20n" }, { "model": "thinkedge se450", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "1.10_usx304w" }, { "model": "thinksystem se350", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "3.60_tei386m" }, { "model": "thinksystem sr258", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "5.20_tei3c8m" }, { "model": "thinkagile hx7520", "scope": "lt", "trust": 1.0, "vendor": "lenovo", "version": "8.40-cdi394n" }, { "model": "thinkagile hx1520-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1521-r", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2320-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2720-e", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile vx3331", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx enclosure certified node", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1021", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx1320", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkagile hx2321", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012565" }, { "db": "NVD", "id": "CVE-2022-34888" } ] }, "cve": "CVE-2022-34888", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "id": "CVE-2022-34888", "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "psirt@lenovo.com", "availabilityImpact": "LOW", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "exploitabilityScore": 1.2, "id": "CVE-2022-34888", "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.3, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2022-34888", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-34888", "trust": 1.0, "value": "MEDIUM" }, { "author": "psirt@lenovo.com", "id": "CVE-2022-34888", "trust": 1.0, "value": "LOW" }, { "author": "NVD", "id": "CVE-2022-34888", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202301-2376", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012565" }, { "db": "CNNVD", "id": "CNNVD-202301-2376" }, { "db": "NVD", "id": "CVE-2022-34888" }, { "db": "NVD", "id": "CVE-2022-34888" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The Remote Mount feature can potentially be abused by valid, authenticated users to make connections to internal services that may not normally be accessible to users. Internal service access controls, as applicable, remain in effect. plural Lenovo An improper comparison vulnerability exists in the product.Information may be obtained", "sources": [ { "db": "NVD", "id": "CVE-2022-34888" }, { "db": "JVNDB", "id": "JVNDB-2022-012565" }, { "db": "VULMON", "id": "CVE-2022-34888" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-34888", "trust": 3.3 }, { "db": "LENOVO", "id": "LEN-87734", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2022-012565", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202301-2376", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2022-34888", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-34888" }, { "db": "JVNDB", "id": "JVNDB-2022-012565" }, { "db": "CNNVD", "id": "CNNVD-202301-2376" }, { "db": "NVD", "id": "CVE-2022-34888" } ] }, "id": "VAR-202301-2330", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.625 }, "last_update_date": "2024-08-14T15:00:33.556000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "LEN-87734", "trust": 0.8, "url": "https://support.lenovo.com/us/en/product_security/LEN-87734" }, { "title": "Lenovo XClarity Controller Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=223622" }, { "title": "", "trust": 0.1, "url": "https://github.com/Live-Hack-CVE/CVE-2022-34888 " } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-34888" }, { "db": "JVNDB", "id": "JVNDB-2022-012565" }, { "db": "CNNVD", "id": "CNNVD-202301-2376" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-697", "trust": 1.0 }, { "problemtype": "CWE-184", "trust": 1.0 }, { "problemtype": "Inappropriate comparison (CWE-697) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012565" }, { "db": "NVD", "id": "CVE-2022-34888" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://support.lenovo.com/us/en/product_security/len-87734" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-34888" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-34888/" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2022-34888" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-34888" }, { "db": "JVNDB", "id": "JVNDB-2022-012565" }, { "db": "CNNVD", "id": "CNNVD-202301-2376" }, { "db": "NVD", "id": "CVE-2022-34888" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2022-34888" }, { "db": "JVNDB", "id": "JVNDB-2022-012565" }, { "db": "CNNVD", "id": "CNNVD-202301-2376" }, { "db": "NVD", "id": "CVE-2022-34888" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-01-30T00:00:00", "db": "VULMON", "id": "CVE-2022-34888" }, { "date": "2023-08-31T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-012565" }, { "date": "2023-01-30T00:00:00", "db": "CNNVD", "id": "CNNVD-202301-2376" }, { "date": "2023-01-30T22:15:11.960000", "db": "NVD", "id": "CVE-2022-34888" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-01-31T00:00:00", "db": "VULMON", "id": "CVE-2022-34888" }, { "date": "2023-08-31T02:42:00", "db": "JVNDB", "id": "JVNDB-2022-012565" }, { "date": "2023-02-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202301-2376" }, { "date": "2023-02-08T22:18:21.590000", "db": "NVD", "id": "CVE-2022-34888" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202301-2376" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Lenovo\u00a0 Improper Comparison Vulnerability in Products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-012565" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202301-2376" } ], "trust": 0.6 } }
cve-2024-23591
Vulnerability from cvelistv5
Vendor | Product | Version | ||
---|---|---|---|---|
Lenovo | ThinkSystem SR670 V2 |
Version: < U8E126I-2.20 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-23591", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-26T15:09:19.091943Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-26T15:09:33.128Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T23:06:25.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://https://support.lenovo.com/us/en/product_security/LEN-150020" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "ThinkSystem SR670 V2", "vendor": "Lenovo", "versions": [ { "lessThan": "U8E126I-2.20", "status": "affected", "version": " ", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Lenovo thanks Eclypsium\u2019s Supply Chain Security Solution for identifying instances of this issue." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ean attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting.\u0026nbsp;\u003c/span\u003eThe server\u2019s NIST SP\n800-193-compliant Platform Firmware Resiliency (PFR) security subsystem\nsignificantly mitigates this issue." } ], "value": "ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow \n\nan attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting.\u00a0The server\u2019s NIST SP\n800-193-compliant Platform Firmware Resiliency (PFR) security subsystem\nsignificantly mitigates this issue." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1269", "description": "CWE-1269 Product Released in Non-Release Configuration", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-20T21:47:49.570Z", "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo" }, "references": [ { "url": "https://https://support.lenovo.com/us/en/product_security/LEN-150020" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update system UEFI firmware to version u8e126i-2.20 (or newer) indicated for your model in the Product Impact section of our advisory: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-150020\"\u003ehttps://support.lenovo.com/us/en/product_security/LEN-150020\u003c/a\u003e\u003cbr\u003e" } ], "value": "Update system UEFI firmware to version u8e126i-2.20 (or newer) indicated for your model in the Product Impact section of our advisory: https://support.lenovo.com/us/en/product_security/LEN-150020 \n" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "assignerShortName": "lenovo", "cveId": "CVE-2024-23591", "datePublished": "2024-02-16T16:17:58.614Z", "dateReserved": "2024-01-18T15:28:42.477Z", "dateUpdated": "2024-08-01T23:06:25.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }