All the vulnerabilites related to lenovo - thinkserver_rd640
Vulnerability from fkie_nvd
Published
2018-11-16 14:29
Modified
2024-11-21 04:14
Severity ?
Summary
In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@lenovo.com | https://support.lenovo.com/us/en/solutions/LEN-23836 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/solutions/LEN-23836 | Patch, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd340_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310C9518-E17E-4E40-9936-98258F89F6F3",
"versionEndExcluding": "64.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A48E001-1D62-4A25-8C7F-D4691BAEC3DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd440_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74FA6345-B9DC-40D2-8F22-33BEA9BE76D9",
"versionEndExcluding": "64.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED7B28A-1E10-4011-8250-8E060F74E3CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd640_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A558233-49C4-4CF9-A0D0-4AB2DDCEC458",
"versionEndExcluding": "64.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E66D761-1400-41AE-AAB7-E54B80B3FAC8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_td340_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E03AAA4-6496-44B0-BBF8-8DDAE1316312",
"versionEndExcluding": "60.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_td340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42109D0F-9FDD-4199-A946-64C453B40CFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users."
},
{
"lang": "es",
"value": "En algunos servidores de marca Lenovo ThinkServer, existe una vulnerabilidad de inyecci\u00f3n de comandos en el comando de descarga del firmware de BMC. Esto permite que un usuario privilegiado descargue y ejecute c\u00f3digo arbitrario en el BMC. Esto solo puede ser explotado por usuarios privilegiados autorizados."
}
],
"id": "CVE-2018-9086",
"lastModified": "2024-11-21T04:14:56.983",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-16T14:29:00.457",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-23836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-23836"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-23 18:29
Modified
2024-11-21 03:18
Severity ?
Summary
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openslp:openslp:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF96BA3-6A2E-4371-8A6A-2D90BAA787A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openslp:openslp:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE8B97B6-84FF-49EF-B7FF-EEA147CEF00E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd350g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B766A835-96C7-41F7-AB60-4690F5D59A36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd350g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6157D72E-534F-4DA5-AD9E-ED9BEDAD0DB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd350x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E02C1B7D-291F-4897-83EC-7A68697960B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd350x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BAFE2B4-2F30-42A5-9A3F-0FAB6567EAD9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd450x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23D119B1-EB2A-4715-8EA4-77037E9919B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd450x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "313A342C-E7C4-40BE-A97F-CB4711CF154C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_hr630x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A999E2F-A0E7-4E86-AAAB-392AA0F13027",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_hr630x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF947D32-62E3-4957-86E2-EC3FA6F220D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_hr650x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92EC9023-8344-4818-A341-C6866A631F3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_hr650x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "346F827E-369C-4087-BFB6-E74B1CAC1B15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_sr630_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993EE14E-929C-4983-9BCD-9F08906EA3FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7F10C8D-C9C7-4FAD-980D-7A602C8BE81D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex_system_fc3171_8gb_san_switch_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAE27025-E34D-4FD4-ADC2-4DA56D2F51CD",
"versionEndExcluding": "9.1.13.02.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_system_fc3171_8gb_san_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8A3649-7EF7-4D20-B28A-63D810FA4F08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:storage_n3310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "087C37F7-3895-40C6-82B3-F45039E9FB9B",
"versionEndExcluding": "4.53.351",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:storage_n3310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "319412A8-D5BD-4214-AA5A-1E7383AA27A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:storage_n4610_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E974B81E-4DB3-492F-8904-2C0CFF50DD7A",
"versionEndExcluding": "4.53.351",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:storage_n4610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D320E2FC-E2E1-45F3-9B0E-2FA647D657BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:bm_nextscale_fan_power_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E3A306-93AA-476C-930D-DE48CBFB13D7",
"versionEndExcluding": "24p-2.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:cmm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48CE3ABD-1FA9-4E26-A873-1027955F968F",
"versionEndExcluding": "1.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:fan_power_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F751FD5-004F-4C4F-9651-9EF33FA095E1",
"versionEndExcluding": "30r-1.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:imm1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64CF298E-5107-489B-9E08-93084D528F3B",
"versionEndExcluding": "1.55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:imm2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F086091-169B-47F8-A2E8-F5437433AE87",
"versionEndExcluding": "4.70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "070219DA-DDD4-4E8A-A23B-3E46E4CB37DA",
"versionEndExcluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd340_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "639A266B-2A2F-43C9-9871-2F1E5D3AA990",
"versionEndExcluding": "50.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A48E001-1D62-4A25-8C7F-D4691BAEC3DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd350_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B63891A2-CDA8-4FC8-ADAB-512378D6B8FE",
"versionEndExcluding": "4.53.351",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A988370E-47F4-4DC3-91AB-025360D07160",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd440_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77D8669A-6716-439E-AA6F-EF6A1456FF71",
"versionEndIncluding": "50.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED7B28A-1E10-4011-8250-8E060F74E3CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE30B73E-1918-4465-A948-829AD3D92E07",
"versionEndExcluding": "4.53.351",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B994FC89-D6B6-4191-BC53-A36211DE94F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd550_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5017F43-C28F-4B3E-900A-96FEC8BE537D",
"versionEndExcluding": "4.53.351",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDCBFD8-D031-4034-AEF9-6F31CC1C5814",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd540_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D2D3BB-77F2-4798-BF81-B9EDB607CE94",
"versionEndExcluding": "50.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A30925DE-F919-472F-AA5B-0E2566F99DDC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd640_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7057A245-999D-4334-AF82-305ECC09F795",
"versionEndExcluding": "50.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E66D761-1400-41AE-AAB7-E54B80B3FAC8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rd650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6F1A92-C568-4CA4-8DBC-459B9DC93A24",
"versionEndExcluding": "4.53.351",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rd650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2211D4D-0EB0-4E15-83D5-E94138D68284",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rq750_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "707CAEBE-5ED4-4755-B2DB-7A135DB0AE8A",
"versionEndExcluding": "1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rq750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30A3486A-5BEF-4B6A-B516-DCABBF7DE66E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_rs160_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74A43A48-4E30-4BA6-A4C4-CA565A78B0FC",
"versionEndExcluding": "2.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_rs160:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA619AB-82E2-4E76-943A-0E68379FD583",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_sd350_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "034D2231-4D6D-42C2-8CDA-85D25B62ECFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_sd350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87959493-B6D7-4765-930C-40A9FBAED2E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_td340_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68A5907C-6A3C-4657-8B9E-DAA6BC1681E4",
"versionEndExcluding": "46.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_td340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42109D0F-9FDD-4199-A946-64C453B40CFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_td350_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "973D779E-E3F0-419A-97A1-C0F55AFC9ECE",
"versionEndExcluding": "4.53.351",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_td350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83BDBAD4-5483-4D37-A727-D5FE876FF26E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkserver_ts460_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A2F7DE-1C65-499B-98BA-E751E754312D",
"versionEndExcluding": "2.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkserver_ts460:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F4EFAC5-9268-49A3-BDFF-4F1C87FA7867",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability."
},
{
"lang": "es",
"value": "Las versiones de OpenSLP en las secuencias de c\u00f3digo 1.0.2 y 1.1.0 tienen un problema de corrupci\u00f3n de memoria relacionada con la memoria din\u00e1mica (heap), que puede manifestarse como una vulnerabilidad de denegaci\u00f3n de servicio (DoS) o de ejecuci\u00f3n remota de c\u00f3digo."
}
],
"id": "CVE-2017-17833",
"lastModified": "2024-11-21T03:18:46.777",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-23T18:29:00.663",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-18247"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2240"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2308"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/202005-12"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3708-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-18247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202005-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3708-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2017-17833
Vulnerability from cvelistv5
Published
2018-04-23 18:00
Modified
2024-08-05 21:06
Severity ?
EPSS score ?
Summary
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/3708-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/ | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html | mailing-list, x_refsource_MLIST | |
| http://support.lenovo.com/us/en/solutions/LEN-18247 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2018:2308 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2240 | vendor-advisory, x_refsource_REDHAT | |
| https://security.gentoo.org/glsa/202005-12 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:06:48.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3708-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3708-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/"
},
{
"name": "[debian-lts-announce] 20180425 [SECURITY] [DLA 1364-1] openslp-dfsg security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-18247"
},
{
"name": "RHSA-2018:2308",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2308"
},
{
"name": "RHSA-2018:2240",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2240"
},
{
"name": "GLSA-202005-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202005-12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-14T23:06:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-3708-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3708-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/"
},
{
"name": "[debian-lts-announce] 20180425 [SECURITY] [DLA 1364-1] openslp-dfsg security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-18247"
},
{
"name": "RHSA-2018:2308",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2308"
},
{
"name": "RHSA-2018:2240",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2240"
},
{
"name": "GLSA-202005-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202005-12"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3708-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3708-1/"
},
{
"name": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/"
},
{
"name": "[debian-lts-announce] 20180425 [SECURITY] [DLA 1364-1] openslp-dfsg security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00029.html"
},
{
"name": "http://support.lenovo.com/us/en/solutions/LEN-18247",
"refsource": "CONFIRM",
"url": "http://support.lenovo.com/us/en/solutions/LEN-18247"
},
{
"name": "RHSA-2018:2308",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2308"
},
{
"name": "RHSA-2018:2240",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2240"
},
{
"name": "GLSA-202005-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202005-12"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17833",
"datePublished": "2018-04-23T18:00:00",
"dateReserved": "2017-12-22T00:00:00",
"dateUpdated": "2024-08-05T21:06:48.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-9086
Vulnerability from cvelistv5
Published
2018-11-16 14:00
Modified
2024-08-05 07:17
Severity ?
EPSS score ?
Summary
In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.lenovo.com/us/en/solutions/LEN-23836 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Lenovo | ThinkServer BMC |
Version: unspecified < varies |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:51.040Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-23836"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ThinkServer BMC",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "varies",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-16T13:57:01",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-23836"
}
],
"solutions": [
{
"lang": "en",
"value": "Update BMC firmware"
}
],
"source": {
"advisory": "LEN-23836",
"discovery": "INTERNAL"
},
"title": "Legacy Server BMC Remote Command Injection",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2018-9086",
"STATE": "PUBLIC",
"TITLE": "Legacy Server BMC Remote Command Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ThinkServer BMC",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "varies"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/solutions/LEN-23836",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-23836"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update BMC firmware"
}
],
"source": {
"advisory": "LEN-23836",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2018-9086",
"datePublished": "2018-11-16T14:00:00",
"dateReserved": "2018-03-27T00:00:00",
"dateUpdated": "2024-08-05T07:17:51.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}