7.2

CVE-2024-2659

A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LenovoNextscale N1200 Enclosure Firmware Version < FHET62A-3.50
   LenovoNextscale N1200 Enclosure Version-
LenovoThinkagile Cp-cb-10 Firmware Version < TESM40B-1.27
   LenovoThinkagile Cp-cb-10 Version-
LenovoThinkagile Cp-cb-10e Firmware Version < TESM40B-1.27
   LenovoThinkagile Cp-cb-10e Version-
LenovoThinkagile Hx Enclosure Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx Enclosure Version-
LenovoThinkagile Hx3721 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx3721 Version-
LenovoThinkagile Hx1021 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx1021 Version-
LenovoThinkagile Hx E1 Enclosure Firmware Version < tesm40b-1.27
LenovoThinkagile Hx E2 Enclosure Firmware Version < tesm40b-1.27
LenovoThinkagile Hx1321 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx1321 Version-
LenovoThinkagile Hx2321 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx2321 Version-
LenovoThinkagile Hx3321 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx3321 Version-
LenovoThinkagile Hx1331 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx1331 Version-
LenovoThinkagile Hx2331 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx2331 Version-
LenovoThinkagile Hx3331 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx3331 Version-
LenovoThinkagile Hx630 V3 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx630 V3 Version-
LenovoThinkagile Hx3376 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx3376 Version-
LenovoThinkagile Hx645 V3 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx645 V3 Version-
LenovoThinkagile Hx1521-r Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx1521-r Version-
LenovoThinkagile Hx3521-g Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx3521-g Version-
LenovoThinkagile Hx5521 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx5521 Version-
LenovoThinkagile Hx5521-c Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx5521-c Version-
LenovoThinkagile Hx7521 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx7521 Version-
LenovoThinkagile Hx5531 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx5531 Version-
LenovoThinkagile Hx7531 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx7531 Version-
LenovoThinkagile Hx650 V3 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx650 V3 Version-
LenovoThinkagile Hx665 V3 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx665 V3 Version-
LenovoThinkagile Hx7821 Firmware Version < tesm40b-1.27
   LenovoThinkagile Hx7821 Version-
LenovoThinkagile Vx3720 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx3720 Version-
LenovoThinkagile 2u4n Firmware Version < tesm40b-1.27
   LenovoThinkagile 2u4n Version-
LenovoThinkagile Vx1320 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx1320 Version-
LenovoThinkagile Vx 1se Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx 1se Version-
LenovoThinkagile Vx3320 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx3320 Version-
LenovoThinkagile Vx2320 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx2320 Version-
LenovoThinkagile Vx7320-n Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx7320-n Version-
LenovoThinkagile Vx 1u Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx 1u Version-
LenovoThinkagile Vx2330 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx2330 Version-
LenovoThinkagile Vx3330 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx3330 Version-
LenovoThinkagile Vx7330-n Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx7330-n Version-
LenovoThinkagile Vx3331 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx3331 Version-
LenovoThinkagile Vx630 V3 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx630 V3 Version-
LenovoThinkagile Vx630 V4 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx630 V4 Version-
LenovoThinkagile Vx635 V3 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx635 V3 Version-
LenovoThinkagile Vx2375 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx2375 Version-
LenovoThinkagile Vx3375 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx3375 Version-
LenovoThinkagile Vx7375-n Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx7375-n Version-
LenovoThinkagile Vx3376 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx3376 Version-
LenovoThinkagile Vx645 V3 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx645 V3 Version-
LenovoThinkagile Vx5520 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx5520 Version-
LenovoThinkagile Vx7520 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx7520 Version-
LenovoThinkagile Vx3520-g Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx3520-g Version-
LenovoThinkagile Vx5520 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx5520 Version-
LenovoThinkagile Vx 2u Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx 2u Version-
LenovoThinkagile Vx3530-g Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx3530-g Version-
LenovoThinkagile Vx5530 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx5530 Version-
LenovoThinkagile Vx7530 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx7530 Version-
LenovoThinkagile Vx7531 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx7531 Version-
LenovoThinkagile Vx650 V3 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx650 V3 Version-
LenovoThinkagile Vx650 V4 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx650 V4 Version-
LenovoThinkagile Vx655 V3 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx655 V3 Version-
LenovoThinkagile Vx5575 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx5575 Version-
LenovoThinkagile Vx7575 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx7575 Version-
LenovoThinkagile Vx3575-g Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx3575-g Version-
LenovoThinkagile Vx665 V3 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx665 V3 Version-
LenovoThinkagile Vx850 V3 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx850 V3 Version-
LenovoThinkagile Vx 4u Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx 4u Version-
LenovoThinkagile Vx7820 Firmware Version < tesm40b-1.27
   LenovoThinkagile Vx7820 Version-
LenovoThinksystem D2 Enclosure Firmware Version < TESM40B-1.27
   LenovoThinksystem D2 Enclosure Version-
LenovoThinksystem Da240 Firmware Version < UMSM12I-1.1.3
   LenovoThinksystem Da240 Version-
LenovoThinksystem Dw612 Firmware Version < UMSM12I-1.1.3
   LenovoThinksystem Dw612 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.617
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.2 1.2 5.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
psirt@lenovo.com 7.2 1.2 5.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.