CVE-2023-2992
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore access to the management web server.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-05-30 CVE Reserved
- 2023-06-26 CVE Published
- 2024-07-02 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
- CWE-405: Asymmetric Resource Consumption (Amplification)
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.lenovo.com/us/en/product_security/LEN-127357 | 2023-07-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Lenovo Search vendor "Lenovo" | Nextscale N1200 Enclosure Firmware Search vendor "Lenovo" for product "Nextscale N1200 Enclosure Firmware" | < fhet60b-3.40 Search vendor "Lenovo" for product "Nextscale N1200 Enclosure Firmware" and version " < fhet60b-3.40" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Nextscale N1200 Enclosure Search vendor "Lenovo" for product "Nextscale N1200 Enclosure" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkagile Cp-cb-10 Firmware Search vendor "Lenovo" for product "Thinkagile Cp-cb-10 Firmware" | < tesm38c-1.26 Search vendor "Lenovo" for product "Thinkagile Cp-cb-10 Firmware" and version " < tesm38c-1.26" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkagile Cp-cb-10 Search vendor "Lenovo" for product "Thinkagile Cp-cb-10" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkagile Cp-cb-10e Firmware Search vendor "Lenovo" for product "Thinkagile Cp-cb-10e Firmware" | < tesm38c-1.26 Search vendor "Lenovo" for product "Thinkagile Cp-cb-10e Firmware" and version " < tesm38c-1.26" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkagile Cp-cb-10e Search vendor "Lenovo" for product "Thinkagile Cp-cb-10e" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkagile Hx Enclosure Certified Node Firmware Search vendor "Lenovo" for product "Thinkagile Hx Enclosure Certified Node Firmware" | < tesm38c-1.26 Search vendor "Lenovo" for product "Thinkagile Hx Enclosure Certified Node Firmware" and version " < tesm38c-1.26" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkagile Hx Enclosure Certified Node Search vendor "Lenovo" for product "Thinkagile Hx Enclosure Certified Node" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkagile Vx Enclosure Firmware Search vendor "Lenovo" for product "Thinkagile Vx Enclosure Firmware" | < tesm38c-1.26 Search vendor "Lenovo" for product "Thinkagile Vx Enclosure Firmware" and version " < tesm38c-1.26" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkagile Vx Enclosure Search vendor "Lenovo" for product "Thinkagile Vx Enclosure" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinksystem D2 Enclosure Firmware Search vendor "Lenovo" for product "Thinksystem D2 Enclosure Firmware" | < tesm38c-1.26 Search vendor "Lenovo" for product "Thinksystem D2 Enclosure Firmware" and version " < tesm38c-1.26" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinksystem D2 Enclosure Search vendor "Lenovo" for product "Thinksystem D2 Enclosure" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinksystem Da240 Enclosure Firmware Search vendor "Lenovo" for product "Thinksystem Da240 Enclosure Firmware" | < umsm10s-1.07 Search vendor "Lenovo" for product "Thinksystem Da240 Enclosure Firmware" and version " < umsm10s-1.07" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinksystem Da240 Enclosure Search vendor "Lenovo" for product "Thinksystem Da240 Enclosure" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinksystem Dw612 Enclosure Firmware Search vendor "Lenovo" for product "Thinksystem Dw612 Enclosure Firmware" | < umsm10s-1.07 Search vendor "Lenovo" for product "Thinksystem Dw612 Enclosure Firmware" and version " < umsm10s-1.07" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinksystem Dw612 Enclosure Search vendor "Lenovo" for product "Thinksystem Dw612 Enclosure" | - | - |
Safe
|