// For flags

CVE-2015-3322

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors.

Servidores Lenovo ThinkServer RD350, RD450, RD550, RD650 y TD350 en versiones anteriores a 1.26.0 utiliza cifrado débil para almacenar contraseñas BIOS de (1) usuario y (2) administrador, lo que permite a atacantes descifrar las contraseñas a través de vectores no especificados.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-04-16 CVE Reserved
  • 2015-04-16 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-310: Cryptographic Issues
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Lenovo
Search vendor "Lenovo"
Thinkserver Rd650 Firmware
Search vendor "Lenovo" for product "Thinkserver Rd650 Firmware"
<= 1.25.0
Search vendor "Lenovo" for product "Thinkserver Rd650 Firmware" and version " <= 1.25.0"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkserver Rd650
Search vendor "Lenovo" for product "Thinkserver Rd650"
*-
Affected
Lenovo
Search vendor "Lenovo"
Thinkserver Td350 Firmware
Search vendor "Lenovo" for product "Thinkserver Td350 Firmware"
<= 1.25.0
Search vendor "Lenovo" for product "Thinkserver Td350 Firmware" and version " <= 1.25.0"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkserver Td350
Search vendor "Lenovo" for product "Thinkserver Td350"
*-
Affected
Lenovo
Search vendor "Lenovo"
Thinkserver Rd350 Firmware
Search vendor "Lenovo" for product "Thinkserver Rd350 Firmware"
<= 1.25.0
Search vendor "Lenovo" for product "Thinkserver Rd350 Firmware" and version " <= 1.25.0"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkserver Rd350
Search vendor "Lenovo" for product "Thinkserver Rd350"
*-
Affected
Lenovo
Search vendor "Lenovo"
Thinkserver Rd550 Firmware
Search vendor "Lenovo" for product "Thinkserver Rd550 Firmware"
<= 1.25.0
Search vendor "Lenovo" for product "Thinkserver Rd550 Firmware" and version " <= 1.25.0"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkserver Rd550
Search vendor "Lenovo" for product "Thinkserver Rd550"
*-
Affected
Lenovo
Search vendor "Lenovo"
Thinkserver Rd450 Firmware
Search vendor "Lenovo" for product "Thinkserver Rd450 Firmware"
<= 1.25.0
Search vendor "Lenovo" for product "Thinkserver Rd450 Firmware" and version " <= 1.25.0"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkserver Rd450
Search vendor "Lenovo" for product "Thinkserver Rd450"
*-
Affected