First published: Fri Nov 30 2018(Updated: )
In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup file.
Credit: psirt@lenovo.com
Affected Software | Affected Version | How to fix |
---|---|---|
Lenovo Xclarity Integrator | <5.5 |
Update LXCI for VMware to version 5.5 or higher.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-16093 is a vulnerability in LXCI for VMware versions prior to 5.5.
CVE-2018-16093 allows an authenticated user to write to any system file in Lenovo Xclarity Integrator vCenter versions prior to 5.5.
CVE-2018-16093 has a severity rating of 6.5 (medium).
CVE-2018-16093 is associated with CWE-434.
To fix CVE-2018-16093, upgrade LXCI for VMware to version 5.5 or later.