All the vulnerabilites related to lenovo - thinkagile_cx4200
cve-2017-3744
Vulnerability from cvelistv5
Published
2017-06-20 00:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.lenovo.com/product_security/LEN-14054 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Lenovo Group Ltd. | Lenovo System x IMM2 |
Version: Lenovo System x IMM2 firmware versions earlier than 4.10 and IBM System x IMM2 firmware versions earlier than 6.20 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.051Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/product_security/LEN-14054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Lenovo System x IMM2",
"vendor": "Lenovo Group Ltd.",
"versions": [
{
"status": "affected",
"version": "Lenovo System x IMM2 firmware versions earlier than 4.10 and IBM System x IMM2 firmware versions earlier than 6.20"
}
]
}
],
"datePublic": "2017-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Disclosure of login credentials to user with local privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-19T23:57:01",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/product_security/LEN-14054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2017-3744",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Lenovo System x IMM2",
"version": {
"version_data": [
{
"version_value": "Lenovo System x IMM2 firmware versions earlier than 4.10 and IBM System x IMM2 firmware versions earlier than 6.20"
}
]
}
}
]
},
"vendor_name": "Lenovo Group Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Disclosure of login credentials to user with local privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/product_security/LEN-14054",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/product_security/LEN-14054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2017-3744",
"datePublished": "2017-06-20T00:00:00",
"dateReserved": "2016-12-16T00:00:00",
"dateUpdated": "2024-08-05T14:39:41.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8106
Vulnerability from cvelistv5
Published
2017-01-09 21:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/95333 | vdb-entry, x_refsource_BID | |
| https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063&languageid=en-fr | x_refsource_CONFIRM | |
| http://www-01.ibm.com/support/docview.wss?uid=swg22002507 | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/LEN-12029 | x_refsource_CONFIRM | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1037562 | vdb-entry, x_refsource_SECTRACK | |
| https://security.netapp.com/advisory/ntap-20190731-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | Intel® Ethernet Controller X710 family and Intel® Ethernet Controller XL710 family |
Version: Before NVM Version 5.05 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95333",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95333"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063\u0026languageid=en-fr"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22002507"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-12029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378"
},
{
"name": "1037562",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037562"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190731-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel\u00c2\u00ae Ethernet Controller X710 family and Intel\u00c2\u00ae Ethernet Controller XL710 family",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "Before NVM Version 5.05"
}
]
}
],
"datePublic": "2017-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service in Intel Ethernet Controller\u0027s X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-01T00:06:08",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "95333",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95333"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063\u0026languageid=en-fr"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22002507"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-12029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378"
},
{
"name": "1037562",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037562"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190731-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel\u00c2\u00ae Ethernet Controller X710 family and Intel\u00c2\u00ae Ethernet Controller XL710 family",
"version": {
"version_data": [
{
"version_value": "Before NVM Version 5.05"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service in Intel Ethernet Controller\u0027s X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95333",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95333"
},
{
"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063\u0026languageid=en-fr",
"refsource": "CONFIRM",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063\u0026languageid=en-fr"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg22002507",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22002507"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-12029",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-12029"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378"
},
{
"name": "1037562",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037562"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190731-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190731-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8106",
"datePublished": "2017-01-09T21:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2017-01-09 21:59
Modified
2024-11-21 02:58
Severity ?
Summary
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ethernet_controller_x710_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F32F15AD-C473-4CA9-83C0-5C5A742F79D0",
"versionEndIncluding": "5.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_x710-am2_sr1zp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A83AF-9369-4402-8A75-A3C475CBB3F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_x710-am2_sr1zq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97B1C742-A502-4141-B5BF-E0CB369152C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_x710-bm2_sllkb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69B0751F-4A90-4904-ADE0-DEE514BF6250",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_x710-bm2_sllkc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51D6F374-62A0-42FC-B8D4-9C81FE88B9F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_xl710-am1_sr1zm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82C95EFE-2415-4BC3-870C-8FB417DAB28A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_xl710-am1_sr1zn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77AF59A1-845E-4CCF-8981-97781E424BD3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_xl710-am2_sr1zk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B8A610-92A4-4126-A28D-9D2C2A14EA71",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_xl710-am2_sr1zl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9922F300-F6B6-4577-B8BD-EEDC4B8BCE32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_xl710-bm1_sllk9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B150A489-45CC-4E9E-8EAB-17428027B3BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_xl710-bm1_sllka:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D38675ED-3E60-4595-89A8-8CA1AB27BC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_xl710-bm2_sllk7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F15CBDA2-2C43-4217-B13A-22D3538F2661",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_controller_xl710-bm2_sllk8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD4DFC6-B159-4A8B-8F9A-CE7BA50D9671",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ethernet_controller_xl710_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A146247-ECE2-48A3-A35F-01559274D237",
"versionEndIncluding": "5.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:eth_converged_ntwk_adptr_x710-da2_ex710da2g1p5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0411F19-A223-4B66-B931-E1BB18FBCB62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:eth_converged_ntwk_adptr_x710-da4_ex710da4fhg1p5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9357AC7-6247-4228-BBAE-67020C74D38F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:eth_converged_ntwk_adptr_x710-da4_ex710da4g1p5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "626CD805-9C8D-434F-AA31-EB83D009076E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:eth_converged_ntwk_adptr_xl710-qda1_exl710qda1g1p5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFA5E8B-C6F2-4EAA-A50B-92D858F82ED3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:eth_converged_ntwk_adptr_xl710-qda2_exl710qda2g1p5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8ABA5AB6-9A30-4852-87E3-F1594BE83750",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da2_x710da2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91BC4250-0C6D-4458-B9B5-AA4008C08EB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da2_x710da2blk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F11DB4C8-566C-448C-A18D-C625FA9DE11E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da2_x710da2g2p5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B8147B-767F-49EF-9046-45BCFA2B2661",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4fh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6709DAF-EE92-4110-8692-4A53C596CBE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4fhblk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A916CAF0-EDCF-40D5-968F-652E378FF97C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4fhg2p5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD026C34-293A-4DCD-874E-63BFE7116BDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4_x710da4g2p5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87965D8A-A5FD-4BD9-86F9-9E48E6108A06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda1_xl710qda1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C438018-EC3A-4226-8252-1A77E5A50250",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda1_xl710qda1blk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7254F006-9AD7-4837-ABB9-7A5A8327AD49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda1_xl710qda1g2p5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9919B1A6-B5B9-4B54-89B6-FA3C17B13F48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda2_xl710qda2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CC2E93B-DF2D-4442-9CA5-52F2BE36F411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda2_xl710qda2blk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84F67FE6-38C0-446C-8AD5-C9F713E188C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-qda2_xl710qda2g2p5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30E51776-294A-449E-8EA9-49BD2725FBB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_i\\/o_module_xl710-qda1_axx1p40frtiom:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E6BE9F-2333-4D14-94A0-90565430DCC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:ethernet_i\\/o_module_xl710-qda2_axx2p40frtiom:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE2B9FB5-9868-42C7-96C8-464820F17D60",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:ethernet_10gb_2-port_562flr-sfp\\+:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA295D13-518D-4E43-B112-77D2A48F01AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:ethernet_10gb_2-port_562sfp\\+:*:*:*:*:*:*:*:*",
"matchCriteriaId": "280334EE-CDCF-4EBC-97D6-7FA1507BDF3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:ethernet_10gb_4-port_563sfp\\+:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31F9FCDB-CBD5-448C-B459-A90379A067E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:proliant_xl260a_g9_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C39A32-1068-4C64-9609-E9E789221B2B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:converged_hx_series:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B462A39A-B3CF-4D3D-B138-87EDCFCC2A36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:converged_hx5500_appliance:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE78714-3153-47EC-BA64-AB8EB2CE894C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:converged_hx5510_appliance:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "638A62EA-C574-4359-84B1-046F49B5387E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:converged_hx7500_appliance:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "A1670FD8-05F2-4F29-AA5F-ED97291BAFA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:converged_hx7510_appliance:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "C3B66CB9-3FD9-47D5-9817-62371C1ECC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:nextscale_nx360_m5:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4ECA79-BC4B-4888-A4DE-52492833B530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:system_x3250_m5:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "758D0933-1265-4593-8647-E20E0CC24A93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:system_x3500_m5:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "686DB4DF-32A4-4FD4-A93E-E0E2171D4B9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:system_x3550_m5:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "5F5D1172-A454-4550-9475-13834BE92A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:system_x3650_m5:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "C040CE58-3A77-4689-BD61-8D82B6AE8128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:system_x3750_m4:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "D4098AC2-11F5-49C1-A4CB-570B1F3EBC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:system_x3850_x6:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "3A619F9E-AE80-4DC9-8DAD-B2123D005060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:system_x3950_x6:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "2F29E2DF-A1AD-4BA3-917A-1E86C9BAD49C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:thinkagile_cx2200:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "1825E3B4-D5B6-48E9-8395-047EB41E3A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:thinkagile_cx4200:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8937BA-4BD8-40C7-B23D-A404252562A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:thinkagile_cx4600:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "FBAC6BBC-B21E-437B-81D8-63021C69E55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:thinkserver_rd350:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "23DDFE96-ED30-4818-AA30-CC009ACC4CCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:thinkserver_rd450:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "40318330-EB26-4242-8378-A69F01C479F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:thinkserver_rd550:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "DD58C401-31C3-48C9-B1AC-94706A98D286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:thinkserver_rd650:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "3C273581-6BAD-46F2-B865-0520B8F3ED65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:thinkserver_sd350:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "FF56B9E8-D24C-420F-8661-ADB3052F92CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:thinkserver_td350:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9B0ED3-3686-442F-A1D2-96F61FFA117B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service in Intel Ethernet Controller\u0027s X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions."
},
{
"lang": "es",
"value": "Una denegaci\u00f3n de servicio en Intel Ethernet Controller\u0027s X710/XL710 con Non-Volatile Memory Images en versiones anteriores a 5.05 permite a atacantes remotos detener el controlador de procesar el tr\u00e1fico de red que funciona bajo determinadas condiciones de uso de la red."
}
],
"id": "CVE-2016-8106",
"lastModified": "2024-11-21T02:58:57.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-09T21:59:00.160",
"references": [
{
"source": "secure@intel.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22002507"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95333"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037562"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063\u0026languageid=en-fr"
},
{
"source": "secure@intel.com",
"url": "https://security.netapp.com/advisory/ntap-20190731-0001/"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-12029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22002507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05368378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00063\u0026languageid=en-fr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20190731-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-12029"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-20 00:29
Modified
2024-11-21 03:26
Severity ?
Summary
In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@lenovo.com | https://support.lenovo.com/product_security/LEN-14054 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/product_security/LEN-14054 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:integrated_management_module_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA6D55A-5391-4B6F-A399-A0449A1EBD8B",
"versionEndIncluding": "4.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x240_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "783B2E41-3FC3-4E39-802F-546EC7AA12E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x240_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2CE7A5-1CEE-40C4-BE0E-573C28663A11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x280_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1563A13F-2E56-4E83-9C16-68B2C81843DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x440_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC55C49B-2A5C-452C-8345-1C19A48FBB6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x480_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86B6B27-0E42-47C1-B2D9-A6C5B1364D9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68ED17ED-BE60-4EE3-9599-C88C3C7A626C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:nextscale_nx360_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "723D2A74-F6F3-4C73-AFD9-CDAE930D0FB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3250_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D89A2206-7012-4938-9BE2-ACF014E3F3B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3500_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FC3467C-3F00-4EE3-B40E-3AE7F93094DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3550_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57A78B63-6588-4C40-BEBB-88C8DF467A18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3650_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "145F0B3C-A945-443B-AB08-329F72358801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3750_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A554CB8-7FE1-454D-8E3D-AA3EC80EEB90",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3850_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70A2471-D476-4FB7-8D1F-FEE0E4BF460C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3950_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25A3A89F-CB39-4E76-BC64-3C4F4788FB8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cx2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA2F515-2E29-4478-AE61-9C513CC6901B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC339542-79DA-45AB-B488-C99D1FEB8359",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "987FB06B-F349-48D5-B46C-CF23BD6B6811",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:integrated_management_module_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740F81FC-AD9F-4AA0-9A32-7363363B7AEC",
"versionEndIncluding": "6.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:bladecenter_hs22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E9180CC-F795-4B8D-B9BF-37488D352AC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:bladecenter_hs23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C010052B-1EBD-4129-9DCE-077575B8286A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:bladecenter_hs23e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F02BE9-BA77-4DC2-AB7A-BF53FE3B7CA0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x220_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A0AABD-73B4-4311-9185-643DE173092E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x222_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04CC2E42-2E9F-4C41-9A36-4A21C32F4CB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x240_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "594B1D02-B6ED-4F9F-BAEC-313FFD1C17C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x280_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "828C175A-0B5F-453D-A661-0AD955DB22C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x440_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5934364-CF52-411C-B13F-A8688A7BC0FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x480_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A17A8F8-F833-4F5E-A0ED-CF01B1ABAA9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x880_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC450128-EDFE-4BD3-A87F-946EED1E0E39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29845B4B-04B8-4685-948F-4DD19C88D7AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_water_cooled:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7EABA0-ADB1-4A9B-AB96-FF6BB5720C50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:nextscale_nx360_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9642CB05-D7EE-4AFA-A28F-A6E7961A57EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3100_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A58320C-8C0B-4819-838A-AE31F9BFC70E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3250_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57E3BC19-4A70-4225-91E4-1DAE6C1986E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3300_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD693FE0-9B91-4F52-AE89-C82ED55DE43C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4_bd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "967EE555-D0BF-4505-BB9D-0A7A92E94889",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44DF5766-53F1-4AE8-AB8F-97C0F36215B7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3850_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8ED74FB-C819-4BD9-9986-2588FCC2D308",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:system_x3950_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DDB4836-D812-4818-AC08-38EABD56F3EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands."
},
{
"lang": "es",
"value": "En el firmware IMM2 de los servidores Lenovo System x, los comandos remotos enviados por LXCA u otras utilidades pueden ser capturados en el registro del servicio First Failure Data Capture (FFDC) si el registro del servicio se genera cuando ese comando remoto est\u00e1 en ejecuci\u00f3n. Los datos de comando capturados podr\u00edan contener informaci\u00f3n de inicio de sesi\u00f3n en texto claro. Los usuarios autorizados que pueden capturar y exportar datos de registro del servicio FFDC podr\u00edan tener acceso a estos comandos remotos."
}
],
"id": "CVE-2017-3744",
"lastModified": "2024-11-21T03:26:03.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-20T00:29:00.330",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/product_security/LEN-14054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/product_security/LEN-14054"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}