Lenovo ThinkSystem SR635 V3 Firmware

CPE Details

Lenovo ThinkSystem SR635 V3 Firmware
lenovo
thinksystem_sr635_v3_firmware
-
2023-11-28
12h15 +00:00
2023-11-28
12h15 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:lenovo:thinksystem_sr635_v3_firmware:-:*:*:*:*:*:*:*

Informations

Vendor

lenovo

Product

thinksystem_sr635_v3_firmware

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-4608 2023-10-24 20h25 +00:00 An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command.  This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
7.2
Haute
CVE-2023-4607 2023-10-24 20h25 +00:00 An authenticated XCC user can change permissions for any user through a crafted API command.
8.8
Haute
CVE-2023-4606 2023-10-24 20h25 +00:00 An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command.   This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
8.1
Haute