CVE-2017-3765 (GCVE-0-2017-3765)

Vulnerability from cvelistv5 – Published: 2018-01-10 18:00 – Updated: 2024-09-17 01:10
VLAI?
Summary
In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when performing local authentication under specific circumstances. If exploited, admin-level access to the switch is granted.
Severity ?
No CVSS data available.
CWE
  • Authentication Bypass
Assigner
References
Impacted products
Vendor Product Version
Lenovo Group Ltd. Enterprise Network Operating System affecting Lenovo and IBM RackSwitch and BladeCenter Products Affected: Earlier than
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:39:41.059Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-16095"
          },
          {
            "name": "1040296",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040296"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Enterprise Network Operating System affecting Lenovo and IBM RackSwitch and BladeCenter Products",
          "vendor": "Lenovo Group Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "Earlier than"
            }
          ]
        }
      ],
      "datePublic": "2018-01-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as \"HP Backdoor\" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when performing local authentication under specific circumstances. If exploited, admin-level access to the switch is granted."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authentication Bypass",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-31T10:57:01",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-16095"
        },
        {
          "name": "1040296",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040296"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "DATE_PUBLIC": "2018-01-09T00:00:00",
          "ID": "CVE-2017-3765",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Enterprise Network Operating System affecting Lenovo and IBM RackSwitch and BladeCenter Products",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Earlier than"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo Group Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as \"HP Backdoor\" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when performing local authentication under specific circumstances. If exploited, admin-level access to the switch is granted."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authentication Bypass"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-16095",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-16095"
            },
            {
              "name": "1040296",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040296"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2017-3765",
    "datePublished": "2018-01-10T18:00:00Z",
    "dateReserved": "2016-12-16T00:00:00",
    "dateUpdated": "2024-09-17T01:10:39.100Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:enterprise_network_operating_system:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.4.6.0\", \"matchCriteriaId\": \"0B6FA22A-0EB1-4062-9E3E-5BCE507AB21A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:flex_system_fabric_cn4093_10gb_converged_scalable_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD14D4A6-68F5-4B92-9D8D-4DC8496A39ED\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:flex_system_fabric_en4093r_10gb_scalable_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5195330-F644-4E3E-83B2-8890DB80734C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:flex_system_fabric_si4093_10gb_system_interconnect_module:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8554C433-4DDA-4A39-B01E-441A4692FA92\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:flex_system_si4091_system_interconnect_module:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"140910FE-22A3-47C2-9FC7-E3093C0761A3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:rackswitch_g7028:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8D163A9-605F-435C-870E-E28B386686F1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:rackswitch_g7052:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC6C0D57-16DE-470F-B707-F7A704BFA36C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:rackswitch_g8052:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"137C0A4F-A13B-4BFA-A323-3B8665C9EFA0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:rackswitch_g8124e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD40C661-A1B6-4CA5-86AD-6901AFB65C8B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:rackswitch_g8264:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58E04854-B986-400B-BB67-E2821C96E220\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:rackswitch_g8264cs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FD9C184-F542-4111-9617-C39BA1D75861\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:rackswitch_g8272:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB8AF1A2-AC14-46E3-BCF1-41C48F0D45BA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:rackswitch_g8296:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3C14274-E752-4FCF-96DE-8EE02D07BB48\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:rackswitch_g8332:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8D47782-1C9C-4C89-852C-637E09CB9E20\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:enterprise_network_operating_system:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.4.6.0\", \"matchCriteriaId\": \"0B6FA22A-0EB1-4062-9E3E-5BCE507AB21A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:1g_l2-7_slb_switch_for_bladecenter:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"554F09B6-E3E9-4614-8B09-83B3D9CB2DAC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:bladecenter_1\\\\:10g_uplink_ethernet_switch_module:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C516EA8F-AB20-41B0-8C73-320DC0E0D967\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:bladecenter_layer_2\\\\/3_copper_ethernet_switch_module:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55112B25-5F9A-46D3-85E2-9BB3F3A38A04\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:bladecenter_virtual_fabric_10gb_switch_module:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A248A49B-838D-481E-903D-B184E0550522\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:flex_system_en2092_1gb_ethernet_scalable_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2FFDBDC-BC5B-4945-998B-EF7A84D05442\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:flex_system_fabric_cn4093_10gb_converged_scalable_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F62317AD-325B-43EE-BBEA-7577FFA0377B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:flex_system_fabric_en4093\\\\/en4093r_10gb_scalable_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6132020-30E0-4D5F-913B-71EB74AFDC94\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:flex_system_fabric_si4093_10gb_system_interconnect_module:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75E66FEC-BDD9-4B51-8DCB-76377C92EDBD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:rackswitch_g8052:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7ADA45C1-84D8-44E4-8D53-D9E0A82E5890\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:rackswitch_g8124:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96901ABF-A65F-4A07-892E-445C6AE170A1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:rackswitch_g8124e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3DAD3932-2C0A-4F08-91E0-8C6744570A80\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:rackswitch_g8264:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F4D033F-5B82-4C4A-BD12-D6AF3D9986AD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:rackswitch_g8264cs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11929E3F-DE7A-44AD-9111-A573C0EB9AD5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:rackswitch_g8264t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19BC18A3-A42E-4231-8F1C-175A5F17DDD4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:rackswitch_g8316:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B26833BE-762B-4124-A3E1-CCE50E80D35C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:rackswitch_g8332:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C35153A7-35EF-4E95-B93B-FF38E7160336\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as \\\"HP Backdoor\\\" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when performing local authentication under specific circumstances. If exploited, admin-level access to the switch is granted.\"}, {\"lang\": \"es\", \"value\": \"En Enterprise Networking Operating System (ENOS) en productos Lenovo, IBM RackSwitch y BladeCenter, se descubri\\u00f3 una omisi\\u00f3n de autenticaci\\u00f3n conocida como \\\"HP Backdoor\\\" durante una auditar\\u00eda de seguridad de Lenovo en las interfaces de la consola de serie, Telnet, SSH y Web. Se puede acceder al mecanismo de omisi\\u00f3n cuando se realiza una autenticaci\\u00f3n local bajo ciertas circunstancias. Si se explota, se concede el acceso a nivel de administrador al switch.\"}]",
      "id": "CVE-2017-3765",
      "lastModified": "2024-11-21T03:26:05.847",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.0, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:H/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 1.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-01-10T18:29:01.383",
      "references": "[{\"url\": \"http://www.securitytracker.com/id/1040296\", \"source\": \"psirt@lenovo.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.lenovo.com/us/en/product_security/LEN-16095\", \"source\": \"psirt@lenovo.com\", \"tags\": [\"Mitigation\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1040296\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.lenovo.com/us/en/product_security/LEN-16095\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@lenovo.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-3765\",\"sourceIdentifier\":\"psirt@lenovo.com\",\"published\":\"2018-01-10T18:29:01.383\",\"lastModified\":\"2024-11-21T03:26:05.847\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as \\\"HP Backdoor\\\" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when performing local authentication under specific circumstances. If exploited, admin-level access to the switch is granted.\"},{\"lang\":\"es\",\"value\":\"En Enterprise Networking Operating System (ENOS) en productos Lenovo, IBM RackSwitch y BladeCenter, se descubri\u00f3 una omisi\u00f3n de autenticaci\u00f3n conocida como \\\"HP Backdoor\\\" durante una auditar\u00eda de seguridad de Lenovo en las interfaces de la consola de serie, Telnet, SSH y Web. Se puede acceder al mecanismo de omisi\u00f3n cuando se realiza una autenticaci\u00f3n local bajo ciertas circunstancias. Si se explota, se concede el acceso a nivel de administrador al switch.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":6.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":1.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:enterprise_network_operating_system:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.4.6.0\",\"matchCriteriaId\":\"0B6FA22A-0EB1-4062-9E3E-5BCE507AB21A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:flex_system_fabric_cn4093_10gb_converged_scalable_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD14D4A6-68F5-4B92-9D8D-4DC8496A39ED\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:flex_system_fabric_en4093r_10gb_scalable_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5195330-F644-4E3E-83B2-8890DB80734C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:flex_system_fabric_si4093_10gb_system_interconnect_module:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8554C433-4DDA-4A39-B01E-441A4692FA92\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:flex_system_si4091_system_interconnect_module:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"140910FE-22A3-47C2-9FC7-E3093C0761A3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:rackswitch_g7028:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8D163A9-605F-435C-870E-E28B386686F1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:rackswitch_g7052:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC6C0D57-16DE-470F-B707-F7A704BFA36C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:rackswitch_g8052:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"137C0A4F-A13B-4BFA-A323-3B8665C9EFA0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:rackswitch_g8124e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD40C661-A1B6-4CA5-86AD-6901AFB65C8B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:rackswitch_g8264:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58E04854-B986-400B-BB67-E2821C96E220\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:rackswitch_g8264cs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FD9C184-F542-4111-9617-C39BA1D75861\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:rackswitch_g8272:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB8AF1A2-AC14-46E3-BCF1-41C48F0D45BA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:rackswitch_g8296:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3C14274-E752-4FCF-96DE-8EE02D07BB48\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:rackswitch_g8332:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8D47782-1C9C-4C89-852C-637E09CB9E20\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:enterprise_network_operating_system:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.4.6.0\",\"matchCriteriaId\":\"0B6FA22A-0EB1-4062-9E3E-5BCE507AB21A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:1g_l2-7_slb_switch_for_bladecenter:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"554F09B6-E3E9-4614-8B09-83B3D9CB2DAC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:bladecenter_1\\\\:10g_uplink_ethernet_switch_module:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C516EA8F-AB20-41B0-8C73-320DC0E0D967\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:bladecenter_layer_2\\\\/3_copper_ethernet_switch_module:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55112B25-5F9A-46D3-85E2-9BB3F3A38A04\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:bladecenter_virtual_fabric_10gb_switch_module:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A248A49B-838D-481E-903D-B184E0550522\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:flex_system_en2092_1gb_ethernet_scalable_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2FFDBDC-BC5B-4945-998B-EF7A84D05442\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:flex_system_fabric_cn4093_10gb_converged_scalable_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F62317AD-325B-43EE-BBEA-7577FFA0377B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:flex_system_fabric_en4093\\\\/en4093r_10gb_scalable_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6132020-30E0-4D5F-913B-71EB74AFDC94\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:flex_system_fabric_si4093_10gb_system_interconnect_module:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75E66FEC-BDD9-4B51-8DCB-76377C92EDBD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:rackswitch_g8052:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ADA45C1-84D8-44E4-8D53-D9E0A82E5890\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:rackswitch_g8124:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96901ABF-A65F-4A07-892E-445C6AE170A1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:rackswitch_g8124e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DAD3932-2C0A-4F08-91E0-8C6744570A80\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:rackswitch_g8264:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F4D033F-5B82-4C4A-BD12-D6AF3D9986AD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:rackswitch_g8264cs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11929E3F-DE7A-44AD-9111-A573C0EB9AD5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:rackswitch_g8264t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19BC18A3-A42E-4231-8F1C-175A5F17DDD4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:rackswitch_g8316:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B26833BE-762B-4124-A3E1-CCE50E80D35C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:rackswitch_g8332:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C35153A7-35EF-4E95-B93B-FF38E7160336\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1040296\",\"source\":\"psirt@lenovo.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-16095\",\"source\":\"psirt@lenovo.com\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1040296\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-16095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.