CVE-2018-9064

In Lenovo xClarity Administrator versions earlier than 2.1.0, an authenticated LXCA user may abuse a web API debug call to retrieve the credentials for the System Manager user.
References
Link Resource
https://support.lenovo.com/us/en/solutions/LEN-22168 Mitigation Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-07-30 16:29

Updated : 2023-12-10 12:44


NVD link : CVE-2018-9064

Mitre link : CVE-2018-9064

CVE.ORG link : CVE-2018-9064


JSON object : View

Products Affected

lenovo

  • xclarity_administrator