A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HLenovo Nextscale N1200 Enclosure
HWLenovowszystkie wersjeLenovo Nextscale N1200 Enclosure Firmware
OSLenovo< FHET62A-3.50Lenovo Thinkagile 2u4n
HWLenovowszystkie wersjeLenovo Thinkagile 2u4n Firmware
OSLenovo< tesm40b-1.27Lenovo Thinkagile Cp Cb 10
HWLenovowszystkie wersjeLenovo Thinkagile Cp Cb 10e
HWLenovowszystkie wersjeLenovo Thinkagile Cp Cb 10e Firmware
OSLenovo< TESM40B-1.27Lenovo Thinkagile Cp Cb 10 Firmware
OSLenovo< TESM40B-1.27Lenovo Thinkagile Hx1021
HWLenovowszystkie wersjeLenovo Thinkagile Hx1021 Firmware
OSLenovo< tesm40b-1.27Lenovo Thinkagile Hx1321
HWLenovowszystkie wersjeLenovo Thinkagile Hx1321 Firmware
OSLenovo< tesm40b-1.27Lenovo Thinkagile Hx1331
HWLenovowszystkie wersjeLenovo Thinkagile Hx1331 Firmware
OSLenovo< tesm40b-1.27Lenovo Thinkagile Hx1521 R
HWLenovowszystkie wersjeLenovo Thinkagile Hx1521 R Firmware
OSLenovo< tesm40b-1.27Lenovo Thinkagile Hx2321
HWLenovowszystkie wersjeLenovo Thinkagile Hx2321 Firmware
OSLenovo< tesm40b-1.27Lenovo Thinkagile Hx2331
HWLenovowszystkie wersjeLenovo Thinkagile Hx2331 Firmware
OSLenovo< tesm40b-1.27Lenovo Thinkagile Hx3321
HWLenovowszystkie wersjeLenovo Thinkagile Hx3321 Firmware
OSLenovo< tesm40b-1.27Lenovo Thinkagile Hx3331
HWLenovowszystkie wersjeLenovo Thinkagile Hx3331 Firmware
OSLenovo< tesm40b-1.27Lenovo Thinkagile Hx3376
HWLenovowszystkie wersjeLenovo Thinkagile Hx3376 Firmware
OSLenovo< tesm40b-1.27Lenovo Thinkagile Hx3521 G
HWLenovowszystkie wersjeLenovo Thinkagile Hx3521 G Firmware
OSLenovo< tesm40b-1.27Lenovo Thinkagile Hx3721
HWLenovowszystkie wersjeLenovo Thinkagile Hx3721 Firmware
OSLenovo< tesm40b-1.27
Related vulnerabilities
An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2...
An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controlle...
An authenticated XCC user can change permissions for any user through a crafted API command.
An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted A...
An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web serve...