4.9
CVE-2023-25495
- EPSS 0.11%
- Veröffentlicht 28.04.2023 22:15:08
- Zuletzt bearbeitet 21.11.2024 07:49:37
- Quelle psirt@lenovo.com
- Teams Watchlist Login
- Unerledigt Login
A valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password used by XCC to authenticate to an external LDAP server in certain configurations. There is no exposure where no LDAP client password is configured
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Lenovo ≫ Thinkagile Hx5530 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Hx7530 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Vx3331 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Hx Enclosure Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Hx1021 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Hx1320 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx1321 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx1331 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Hx1520-r Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx1521-r Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx2320-e Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx2321 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx2330 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Hx2330 Firmware Version2.93_afbt30p
Lenovo ≫ Thinkagile Hx2331 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Hx2720-e Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Hx3320 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx3321 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx3330 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Hx3331 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Hx3331 Firmware Version < 4.71_d8bt48p
Lenovo ≫ Thinkagile Hx3375 Firmware Version < 4.71_d8bt48p
Lenovo ≫ Thinkagile Hx3376 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx3520-g Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx3521-g Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Hx3720 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Hx3721 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx5520 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx5520-c Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx5521 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx5521-c Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Hx5531 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx7520 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Hx7521 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Hx7530 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Hx7531 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Hx7531 Firmware Version < 2.75_psi348s
Lenovo ≫ Thinkagile Hx7820 Firmware Version < 2.75_psi348s
Lenovo ≫ Thinkagile Hx7821 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Mx1020 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Mx3330-f Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Mx3330-h Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Mx3331-f Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Mx3331-h Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Mx3530 F Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Mx3530-h Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Mx3531 H Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Mx3531-f Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Mx1021 On Se350 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Vx 1se Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Vx 2u4n Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Vx 4u Firmware Version < 2.75_psi348s
Lenovo ≫ Thinkagile Vx1320 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Vx2320 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Vx2330 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Vx3320 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Vx3330 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Vx3520-g Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Vx3530-g Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Vx3720 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinkagile Vx5520 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Vx5530 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Vx7320 N Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Vx7330 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Vx7520 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Vx7520 N Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinkagile Vx7530 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Vx7531 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinkagile Vx7820 Firmware Version < 2.75_psi348s
Lenovo ≫ Thinkedge Se450 Firmware Version < 1.60_usx324o
Lenovo ≫ Thinkstation P920 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinksystem Sd530 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sd630 V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem Sd650 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sd650 V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem Sd650-n V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem Se350 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sn550 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sn550 V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem Sn850 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sr150 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sr158 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sr250 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sr250 V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem Sr258 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sr258 V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem Sr530 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinksystem Sr550 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinksystem Sr570 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinksystem Sr590 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinksystem Sr630 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinksystem Sr630 V2 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinksystem Sr645 Firmware Version < 4.71_d8bt48p
Lenovo ≫ Thinksystem Sr645 V3 Firmware Version < 4.71_d8bt48p
Lenovo ≫ Thinksystem Sr650 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinksystem Sr650 V2 Firmware Version < 2.93_afbt30p
Lenovo ≫ Thinksystem Sr665 Firmware Version < 4.71_d8bt48p
Lenovo ≫ Thinksystem Sr665 V3 Firmware Version < 4.71_d8bt48p
Lenovo ≫ Thinksystem Sr670 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sr670 V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem Sr850 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sr850 V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem Sr850p Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sr860 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem Sr860 V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem Sr950 Firmware Version < 2.75_psi348s
Lenovo ≫ Thinksystem St250 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem St250 V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem St258 Firmware Version < 3.72_tei388s
Lenovo ≫ Thinksystem St258 V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem St550 Firmware Version < 8.88_cdi3a4a
Lenovo ≫ Thinksystem St650 V2 Firmware Version < 2.60_tgbt42h
Lenovo ≫ Thinksystem St658 V2 Firmware Version < 2.60_tgbt42h
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.297 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
|
| psirt@lenovo.com | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
|
CWE-522 Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.