VAR-201609-0686
Vulnerability from variot - Updated: 2022-05-17 01:52An information disclosure vulnerability exists in several Lenovo product SSD firmware. An attacker can exploit the vulnerability to gain sensitive information, which could lead to further attacks. Multiple Lenovo products are prone to a local information-disclosure vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0686",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "thinkstation s30",
"scope": "eq",
"trust": 0.9,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkstation p310",
"scope": "eq",
"trust": 0.9,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkstation p900",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkstation e32",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkstation d30",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkstation c30",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad yoga",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "140"
},
{
"model": "thinkpad yoga",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "120"
},
{
"model": "thinkpad yoga 11e",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "x2500"
},
{
"model": "thinkpad x240s",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "x2400"
},
{
"model": "thinkpad",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "x1310"
},
{
"model": "thinkpad w550s",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad w540",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad t550",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad t540p",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad t450s",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad t450",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad t440s",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad t440p",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad t440",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad s540",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad s5 yoga",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "150"
},
{
"model": "thinkpad s440",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad s1 yoga",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad l540",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad l450",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad l440",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad e555",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad e550",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad e540",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad e455",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad e450",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad e440",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad m93z",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad m83z",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad m79",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad m73z",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad m73p",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad e93z",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkpad e79",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkcentre m93",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkcentre m83",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkcentre m73",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkcentre m53",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkcentre e73z",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "thinkstation s30",
"scope": "ne",
"trust": 0.3,
"vendor": "lenovo",
"version": "01"
},
{
"model": "thinkstation p700",
"scope": "ne",
"trust": 0.3,
"vendor": "lenovo",
"version": "01"
},
{
"model": "thinkstation p500",
"scope": "ne",
"trust": 0.3,
"vendor": "lenovo",
"version": "01"
},
{
"model": "thinkstation p300",
"scope": "ne",
"trust": 0.3,
"vendor": "lenovo",
"version": "01"
},
{
"model": "thinkstation e32",
"scope": "ne",
"trust": 0.3,
"vendor": "lenovo",
"version": "01"
},
{
"model": "thinkstation d30",
"scope": "ne",
"trust": 0.3,
"vendor": "lenovo",
"version": "01"
},
{
"model": "thinkstation c30",
"scope": "ne",
"trust": 0.3,
"vendor": "lenovo",
"version": "01"
},
{
"model": "thinkpad",
"scope": "ne",
"trust": 0.3,
"vendor": "lenovo",
"version": "x13101"
},
{
"model": "thinkpad carbon",
"scope": "ne",
"trust": 0.3,
"vendor": "lenovo",
"version": "x12.74"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07048"
},
{
"db": "BID",
"id": "92178"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "92178"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-07048",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2016-07048",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07048"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An information disclosure vulnerability exists in several Lenovo product SSD firmware. An attacker can exploit the vulnerability to gain sensitive information, which could lead to further attacks. Multiple Lenovo products are prone to a local information-disclosure vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07048"
},
{
"db": "BID",
"id": "92178"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "92178",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-07048",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07048"
},
{
"db": "BID",
"id": "92178"
}
]
},
"id": "VAR-201609-0686",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07048"
}
],
"trust": 1.01759259
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07048"
}
]
},
"last_update_date": "2022-05-17T01:52:38.252000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patches for several Lenovo product SSD firmware information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/81013"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07048"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/92178"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/product_security/len_5595"
},
{
"trust": 0.3,
"url": "http://www.lenovo.com/ca/en/"
},
{
"trust": 0.3,
"url": "https://support.lenovo.com/us/en/product_security/len_5595"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07048"
},
{
"db": "BID",
"id": "92178"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-07048"
},
{
"db": "BID",
"id": "92178"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07048"
},
{
"date": "2016-07-28T00:00:00",
"db": "BID",
"id": "92178"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07048"
},
{
"date": "2016-07-28T00:00:00",
"db": "BID",
"id": "92178"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "92178"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A variety of Lenovo product SSD firmware information disclosure vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07048"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "92178"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…