A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NLenovo Nextscale N1200 Enclosure
HWLenovowszystkie wersjeLenovo Nextscale N1200 Enclosure Firmware
OSLenovo< fhet60b-3.40Lenovo Thinkagile Cp Cb 10
HWLenovowszystkie wersjeLenovo Thinkagile Cp Cb 10e
HWLenovowszystkie wersjeLenovo Thinkagile Cp Cb 10e Firmware
OSLenovo< tesm38c-1.26Lenovo Thinkagile Cp Cb 10 Firmware
OSLenovo< tesm38c-1.26Lenovo Thinkagile Hx Enclosure Certified Node
HWLenovowszystkie wersjeLenovo Thinkagile Hx Enclosure Certified Node Firmware
OSLenovo< tesm38c-1.26Lenovo Thinkagile Vx Enclosure
HWLenovowszystkie wersjeLenovo Thinkagile Vx Enclosure Firmware
OSLenovo< tesm38c-1.26Lenovo Thinksystem D2 Enclosure
HWLenovowszystkie wersjeLenovo Thinksystem D2 Enclosure Firmware
OSLenovo< tesm38c-1.26Lenovo Thinksystem Da240 Enclosure
HWLenovowszystkie wersjeLenovo Thinksystem Da240 Enclosure Firmware
OSLenovo< umsm10s-1.07Lenovo Thinksystem Dw612 Enclosure
HWLenovowszystkie wersjeLenovo Thinksystem Dw612 Enclosure Firmware
OSLenovo< umsm10s-1.07
Powiązane podatności
An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2...
An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controlle...
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user w...
An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web serve...
A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated use...