CVE-2017-3770
First published: Fri Sep 22 2017(Updated: )
Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 where an authenticated user may be able to abuse certain web interface functionality to execute privileged commands within the underlying LXCA operating system.
Credit: psirt@lenovo.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Lenovo XClarity Administrator | <=1.3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-3770?
CVE-2017-3770 has been classified as a privilege escalation vulnerability.
How do I fix CVE-2017-3770?
To fix CVE-2017-3770, upgrade to Lenovo XClarity Administrator version 1.3.2 or later.
Who is affected by CVE-2017-3770?
CVE-2017-3770 affects authenticated users of Lenovo XClarity Administrator versions earlier than 1.3.2.
What types of attacks can be performed using CVE-2017-3770?
CVE-2017-3770 allows an authenticated user to execute privileged commands through certain web interface functionalities.
Is CVE-2017-3770 a remote or local vulnerability?
CVE-2017-3770 is a local vulnerability that requires authenticated access to exploit.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/references
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- vendor/lenovo
- canonical/lenovo xclarity administrator
- version/lenovo xclarity administrator/1.3.1