Search criteria

2 vulnerabilities found for LXCI for Microsoft System Center by Lenovo

CVE-2018-16097 (GCVE-0-2018-16097)

Vulnerability from cvelistv5 – Published: 2018-11-30 14:00 – Updated: 2024-08-05 10:17
VLAI?
Summary
LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate.
Severity ?
No CVSS data available.
CWE
  • file system modification
Assigner
References
Impacted products
Vendor Product Version
Lenovo LXCI for VMware Affected: unspecified , < 5.5 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:17:37.668Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "LXCI for VMware",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "5.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "LXCI for Microsoft System Center",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "3.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2018-11-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "file system modification",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-30T13:57:01",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Update LXCI for VMware to version 5.5 or higher.\nUpdate LXCI for Microsoft System Center to version 3.5 or higher."
        }
      ],
      "source": {
        "advisory": "LEN-23800",
        "discovery": "INTERNAL"
      },
      "title": "LXCI for VMware and LXCI for Microsoft System Center",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "ID": "CVE-2018-16097",
          "STATE": "PUBLIC",
          "TITLE": "LXCI for VMware and LXCI for Microsoft System Center"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "LXCI for VMware",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "5.5"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "LXCI for Microsoft System Center",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "3.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "file system modification"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/us/en/solutions/LEN-23800",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Update LXCI for VMware to version 5.5 or higher.\nUpdate LXCI for Microsoft System Center to version 3.5 or higher."
          }
        ],
        "source": {
          "advisory": "LEN-23800",
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2018-16097",
    "datePublished": "2018-11-30T14:00:00",
    "dateReserved": "2018-08-29T00:00:00",
    "dateUpdated": "2024-08-05T10:17:37.668Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-16097 (GCVE-0-2018-16097)

Vulnerability from nvd – Published: 2018-11-30 14:00 – Updated: 2024-08-05 10:17
VLAI?
Summary
LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate.
Severity ?
No CVSS data available.
CWE
  • file system modification
Assigner
References
Impacted products
Vendor Product Version
Lenovo LXCI for VMware Affected: unspecified , < 5.5 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:17:37.668Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "LXCI for VMware",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "5.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "LXCI for Microsoft System Center",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "3.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2018-11-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "file system modification",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-30T13:57:01",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Update LXCI for VMware to version 5.5 or higher.\nUpdate LXCI for Microsoft System Center to version 3.5 or higher."
        }
      ],
      "source": {
        "advisory": "LEN-23800",
        "discovery": "INTERNAL"
      },
      "title": "LXCI for VMware and LXCI for Microsoft System Center",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "ID": "CVE-2018-16097",
          "STATE": "PUBLIC",
          "TITLE": "LXCI for VMware and LXCI for Microsoft System Center"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "LXCI for VMware",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "5.5"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "LXCI for Microsoft System Center",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "3.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "file system modification"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/us/en/solutions/LEN-23800",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Update LXCI for VMware to version 5.5 or higher.\nUpdate LXCI for Microsoft System Center to version 3.5 or higher."
          }
        ],
        "source": {
          "advisory": "LEN-23800",
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2018-16097",
    "datePublished": "2018-11-30T14:00:00",
    "dateReserved": "2018-08-29T00:00:00",
    "dateUpdated": "2024-08-05T10:17:37.668Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}