Lenovo THINKAGILE MX3530-H HYBRID

CPE Details

Lenovo THINKAGILE MX3530-H HYBRID
-
2023-02-08
12h17 +00:00
2023-02-23
17h36 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:h:lenovo:thinkagile_mx3530-h_hybrid:-:*:*:*:*:*:*:*

Informations

Vendor

lenovo

Product

thinkagile_mx3530-h_hybrid

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-4608 2023-10-24 20h25 +00:00 An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command.  This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
7.2
Haute
CVE-2023-4607 2023-10-24 20h25 +00:00 An authenticated XCC user can change permissions for any user through a crafted API command.
8.8
Haute
CVE-2023-4606 2023-10-24 20h25 +00:00 An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command.   This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
8.1
Haute
CVE-2022-40137 2023-01-30 21h26 +00:00 A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
6.7
Moyen