CVSS: 5.9EPSS: 0%CPEs: 225EXPL: 0CVE-2023-29056
https://notcve.org/view.php?id=CVE-2023-29056
28 Apr 2023 — A valid LDAP user, under specific conditions, will default to read-only permissions when authenticating into XCC. To be vulnerable, XCC must be configured to use an LDAP server for Authentication/Authorization and have the login permission attribute not defined. • https://support.lenovo.com/us/en/product_security/LEN-118321 • CWE-269: Improper Privilege Management •
CVSS: 9.0EPSS: 0%CPEs: 225EXPL: 0CVE-2023-29057
https://notcve.org/view.php?id=CVE-2023-29057
28 Apr 2023 — A valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as “Local First, then LDAP”. • https://support.lenovo.com/us/en/product_security/LEN-118321 • CWE-276: Incorrect Default Permissions •
CVSS: 6.8EPSS: 0%CPEs: 225EXPL: 0CVE-2023-29058
https://notcve.org/view.php?id=CVE-2023-29058
28 Apr 2023 — A valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass message through the XCC CLI. There is no exposure if SSH is disabled or if there are no users assigned optional read-only permissions. • https://support.lenovo.com/us/en/product_security/LEN-118321 • CWE-276: Incorrect Default Permissions •
CVSS: 4.3EPSS: 0%CPEs: 196EXPL: 0CVE-2022-34888
https://notcve.org/view.php?id=CVE-2022-34888
30 Jan 2023 — The Remote Mount feature can potentially be abused by valid, authenticated users to make connections to internal services that may not normally be accessible to users. Internal service access controls, as applicable, remain in effect. • https://support.lenovo.com/us/en/product_security/LEN-87734 • CWE-184: Incomplete List of Disallowed Inputs CWE-697: Incorrect Comparison •
CVSS: 7.2EPSS: 0%CPEs: 196EXPL: 0CVE-2022-34884
https://notcve.org/view.php?id=CVE-2022-34884
30 Jan 2023 — A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of service. • https://support.lenovo.com/us/en/product_security/LEN-87734 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-3897
https://notcve.org/view.php?id=CVE-2021-3897
22 Apr 2022 — An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected. Se ha detectado una vulnerabilidad de omisión de autenticación en un servicio interno del firmware de Lenovo Fan Power Controller2 (FPC2) y Lenovo System Management Module (SMM) durante un que podría permitir a un atacante ... • https://support.lenovo.com/us/en/product_security/LEN-72615 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-3849
https://notcve.org/view.php?id=CVE-2021-3849
22 Apr 2022 — An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected. Se ha detectado una vulnerabilidad de omisión de autenticación en la interfaz web del firmware de Lenovo Fan Power Controller2 (FPC2) y Lenovo System Management Module (SMM) que podría permitir a un atacante no autenticado ejecutar com... • https://support.lenovo.com/us/en/product_security/LEN-72615 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-9083 – System Management Module Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-9083
27 Nov 2018 — In System Management Module (SMM) versions prior to 1.06, the SMM contains weak default root credentials which could be used to log in to the device OS -- if the attacker manages to enable SSH or Telnet connections via some other vulnerability. System Management Module (SMM) en versiones anteriores a la 1.06 contiene credenciales root por defecto, lo que puede emplearse para iniciar sesión en el sistema operativo del dispositivo (si el atacante consigue habilitar conexiones SSH o Telnet mediante otras vulne... • https://support.lenovo.com/us/en/solutions/LEN-24374 • CWE-798: Use of Hard-coded Credentials •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-9084 – System Management Module Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-9084
27 Nov 2018 — In System Management Module (SMM) versions prior to 1.06, if an attacker manages to log in to the device OS, the validation of software updates can be circumvented. En System Management Module (SMM), en versiones anteriores a la 1.06, si un atacante consigue iniciar sesión en el sistema operativo del dispositivo, la validación de las actualizaciones de software puede omitirse. • https://support.lenovo.com/us/en/solutions/LEN-24374 •
CVSS: 8.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-16089 – System Management Module Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-16089
27 Nov 2018 — In System Management Module (SMM) versions prior to 1.06, a field in the header of SMM firmware update images is insufficiently sanitized, allowing post-authentication command injection on the SMM as the root user. En System Management Module (SMM), en versiones anteriores a la 1.06, un campo en la cabecera de las imágenes de actualización del firmware de SMM no está lo suficientemente saneado, lo que permite una inyección de comandos tras la autenticación en el SMM como el usuario root. • https://support.lenovo.com/us/en/solutions/LEN-24374 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •