VAR-201801-0503
Vulnerability from variot - Updated: 2023-12-18 12:37In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when performing local authentication under specific circumstances. If exploited, admin-level access to the switch is granted. Lenovo Enterprise Networking Operating System (ENOS) Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. LenovoRackSwitch and BladeCenter are China's Lenovo (Lenovo) switch products. IBMRackSwitch and BladeCenter are IBM's switch products. An authentication bypass vulnerability exists in ENOS in Lenovo, IBMRackSwitch, and BladeCenter switches. An attacker can use this vulnerability to gain access to the switch management interface and leak traffic through the switch, causing denial of service. Lenovo/IBM Products are prone to a local authentication-bypass vulnerability. This may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-0503",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise networking operating system",
"scope": null,
"trust": 1.4,
"vendor": "lenovo",
"version": null
},
{
"model": "enterprise network operating system",
"scope": "lt",
"trust": 1.0,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "bladecenter virtual fabric 10gb switch",
"scope": null,
"trust": 0.6,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter 1/10gb uplink ethernet switch",
"scope": null,
"trust": 0.6,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter layer gbe switch",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "2/7"
},
{
"model": "bladecenter layer gbe switch",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "2/3"
},
{
"model": "rackswitch g8332",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "rackswitch g8296",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "rackswitch g8272",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "rackswitch g8264cs",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "rackswitch g8124e",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "rackswitch g7052",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "rackswitch g7028",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "flex system si4091 system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "flex system fabric si4093 10gb system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "8.4.6.0"
},
{
"model": "enterprise networking operating system",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "0"
},
{
"model": "rackswitch g8332",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.27.0"
},
{
"model": "rackswitch g8316",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.21.0"
},
{
"model": "rackswitch g8264t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.21.0"
},
{
"model": "rackswitch g8264cs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.18.0"
},
{
"model": "rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.11.0"
},
{
"model": "rackswitch g8124e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.11.0"
},
{
"model": "rackswitch g8124",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.11.0"
},
{
"model": "rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.11.0"
},
{
"model": "flex system? fabric",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.18.0"
},
{
"model": "bladecenter virtual fabric 10gb switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.14.0"
},
{
"model": "bladecenter layer copper ethernet switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2/35.3.12.0"
},
{
"model": "bladecenter 1:10g uplink ethernet switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.18.0"
},
{
"model": "1g l2-7 slb switch for bladecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "21.0.26.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04100"
},
{
"db": "BID",
"id": "102741"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001511"
},
{
"db": "NVD",
"id": "CVE-2017-3765"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:lenovo:enterprise_network_operating_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.4.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:lenovo:flex_system_fabric_cn4093_10gb_converged_scalable_switch:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch_g7052:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch_g8124e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:flex_system_fabric_en4093r_10gb_scalable_switch:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:flex_system_fabric_si4093_10gb_system_interconnect_module:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:flex_system_si4091_system_interconnect_module:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch_g7028:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch_g8264cs:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch_g8272:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch_g8296:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch_g8332:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch_g8052:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch_g8264:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:lenovo:enterprise_network_operating_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.4.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:flex_system_fabric_cn4093_10gb_converged_scalable_switch:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:rackswitch_g8264cs:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:rackswitch_g8264t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:rackswitch_g8124:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:bladecenter_layer_2\\/3_copper_ethernet_switch_module:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:bladecenter_1\\:10g_uplink_ethernet_switch_module:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:flex_system_en2092_1gb_ethernet_scalable_switch:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:1g_l2-7_slb_switch_for_bladecenter:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:rackswitch_g8264:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:rackswitch_g8052:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:rackswitch_g8332:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:rackswitch_g8124e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:flex_system_fabric_en4093\\/en4093r_10gb_scalable_switch:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:bladecenter_virtual_fabric_10gb_switch_module:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:flex_system_fabric_si4093_10gb_system_interconnect_module:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:rackswitch_g8316:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3765"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "102741"
}
],
"trust": 0.3
},
"cve": "CVE-2017-3765",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-3765",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "CNVD-2018-04100",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-3765",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3765",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-04100",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-369",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04100"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001511"
},
{
"db": "NVD",
"id": "CVE-2017-3765"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-369"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as \"HP Backdoor\" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when performing local authentication under specific circumstances. If exploited, admin-level access to the switch is granted. Lenovo Enterprise Networking Operating System (ENOS) Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. LenovoRackSwitch and BladeCenter are China\u0027s Lenovo (Lenovo) switch products. IBMRackSwitch and BladeCenter are IBM\u0027s switch products. An authentication bypass vulnerability exists in ENOS in Lenovo, IBMRackSwitch, and BladeCenter switches. An attacker can use this vulnerability to gain access to the switch management interface and leak traffic through the switch, causing denial of service. Lenovo/IBM Products are prone to a local authentication-bypass vulnerability. This may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3765"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001511"
},
{
"db": "CNVD",
"id": "CNVD-2018-04100"
},
{
"db": "BID",
"id": "102741"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3765",
"trust": 3.3
},
{
"db": "LENOVO",
"id": "LEN-16095",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1040296",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001511",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-04100",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "38765",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201801-369",
"trust": 0.6
},
{
"db": "BID",
"id": "102741",
"trust": 0.3
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04100"
},
{
"db": "BID",
"id": "102741"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001511"
},
{
"db": "NVD",
"id": "CVE-2017-3765"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-369"
}
]
},
"id": "VAR-201801-0503",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04100"
}
],
"trust": 1.226050427647059
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04100"
}
]
},
"last_update_date": "2023-12-18T12:37:03.075000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LEN-16095",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/ja/product_security/len-16095"
},
{
"title": "Lenovo, IBMRackSwitch, and BladeCenter switches EnterpriseNetworkingOperatingSystem authentication bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/120057"
},
{
"title": "Lenovo , IBM RackSwitch and BladeCenter switch Enterprise Networking Operating System Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77630"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04100"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001511"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-369"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001511"
},
{
"db": "NVD",
"id": "CVE-2017-3765"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://support.lenovo.com/us/en/product_security/len-16095"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1040296"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3765"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3765"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/product_security/len-16095"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/38765"
},
{
"trust": 0.3,
"url": "http://www.lenovo.com/ca/en/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04100"
},
{
"db": "BID",
"id": "102741"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001511"
},
{
"db": "NVD",
"id": "CVE-2017-3765"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-369"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-04100"
},
{
"db": "BID",
"id": "102741"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001511"
},
{
"db": "NVD",
"id": "CVE-2017-3765"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-369"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04100"
},
{
"date": "2018-01-10T00:00:00",
"db": "BID",
"id": "102741"
},
{
"date": "2018-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001511"
},
{
"date": "2018-01-10T18:29:01.383000",
"db": "NVD",
"id": "CVE-2017-3765"
},
{
"date": "2018-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-369"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04100"
},
{
"date": "2018-01-10T00:00:00",
"db": "BID",
"id": "102741"
},
{
"date": "2018-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001511"
},
{
"date": "2018-02-06T14:12:49.383000",
"db": "NVD",
"id": "CVE-2017-3765"
},
{
"date": "2018-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-369"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "102741"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-369"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lenovo Enterprise Networking Operating System Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001511"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-369"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…