Latest lenovo xclarity controller Vulnerabilities

CVE-2021-3956
A read-only authentication bypass vulnerability was reported in the Third Quarter 2021 release of Lenovo XClarity Controller (XCC) firmware affecting XCC devices configured in LDAP Authentication Only...
Lenovo XClarity Controller<7.22_cdi382o
Lenovo Thinkagile Hx1320
Lenovo Thinkagile Hx1321
Lenovo Thinkagile Hx1520-r
Lenovo Thinkagile Hx1521-r
Lenovo Thinkagile Hx2320-e
and 46 more
CVE-2021-3473
An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Adm...
Lenovo XClarity Controller=6.00_cdi370q
Lenovo Thinkagile Hx1320
Lenovo Thinkagile Hx2320
Lenovo Thinkagile Hx3320
Lenovo Thinkagile Hx3375
Lenovo Thinkagile Hx3520-g
and 35 more
CVE-2019-6195
An authorization bypass exists in Lenovo XClarity Controller (XCC) versions prior to 3.08 CDI340V, 3.01 TEI392O, 1.71 PSI328N where a valid authenticated user with lesser privileges may be granted rea...
Lenovo XClarity Controller<3.01_tei392o
Lenovo Thinkagile Hx 1000
Lenovo Thinkagile Hx 2000
Lenovo Thinkagile Hx 3000
Lenovo Thinkagile Hx 5000
Lenovo Thinkagile Hx 7000
and 29 more
CVE-2019-6187
A stored CSV Injection vulnerability was reported in Lenovo XClarity Controller (XCC) that could allow an administrative or other appropriately permissioned user to store malformed data in certain XCC...
Lenovo XClarity Controller<tei392m
Lenovo Thinkagile 7x82
Lenovo Thinkagile 7y11
Lenovo Thinkagile 7y12
Lenovo Thinkagile 7y88
Lenovo Thinkagile 7y92
and 39 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203