Lenovo THINKAGILE MX3330-h Hybrid Firmware

CPE Details

Lenovo THINKAGILE MX3330-h Hybrid Firmware
-
2023-12-20
12h30 +00:00
2023-12-20
12h30 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:lenovo:thinkagile_mx3330-h_hybrid_firmware:-:*:*:*:*:*:*:*

Informations

Vendor

lenovo

Product

thinkagile_mx3330-h_hybrid_firmware

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-4608 2023-10-24 20h25 +00:00 An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command.  This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
7.2
Haute
CVE-2023-4607 2023-10-24 20h25 +00:00 An authenticated XCC user can change permissions for any user through a crafted API command.
8.8
Haute
CVE-2023-4606 2023-10-24 20h25 +00:00 An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command.   This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
8.1
Haute