Lenovo THINKAGILE MX3331-F ALL-FLASH

CPE Details

Lenovo THINKAGILE MX3331-F ALL-FLASH
lenovo
thinkagile_mx3331-f_all-flash
-
2023-02-08
12h17 +00:00
2023-02-23
17h36 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:h:lenovo:thinkagile_mx3331-f_all-flash:-:*:*:*:*:*:*:*

Informations

Vendor

lenovo

Product

thinkagile_mx3331-f_all-flash

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-4608 2023-10-24 20h25 +00:00 An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command.  This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
7.2
High
CVE-2023-4607 2023-10-24 20h25 +00:00 An authenticated XCC user can change permissions for any user through a crafted API command.
8.8
High
CVE-2023-4606 2023-10-24 20h25 +00:00 An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command.   This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
8.1
High
CVE-2022-40137 2023-01-30 21h26 +00:00 A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
6.7
Medium