Search criteria
7 vulnerabilities found for Drivers Management by Lenovo
VAR-202108-1810
Vulnerability from variot - Updated: 2024-11-23 22:47A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation. Lenovo Driver Management Exists in a vulnerability in an element of an uncontrolled search path.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Lenovo Driver Management is a Lenovo power management driver for Windows 10, 8.1, 8, 7 (32-bit, 64-bit) from Lenovo, China
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202108-1810",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "drivers management",
"scope": "lt",
"trust": 1.0,
"vendor": "lenovo",
"version": "2.9.0719.1104"
},
{
"model": "drivers management",
"scope": "eq",
"trust": 0.8,
"vendor": "lenovo",
"version": "2.9.0719.1104"
},
{
"model": "drivers management",
"scope": "eq",
"trust": 0.8,
"vendor": "lenovo",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010649"
},
{
"db": "NVD",
"id": "CVE-2021-3633"
}
]
},
"cve": "CVE-2021-3633",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2021-3633",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-396496",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2021-3633",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "psirt@lenovo.com",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.3,
"id": "CVE-2021-3633",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-3633",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-3633",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@lenovo.com",
"id": "CVE-2021-3633",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-3633",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202108-1583",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-396496",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-3633",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-396496"
},
{
"db": "VULMON",
"id": "CVE-2021-3633"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010649"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1583"
},
{
"db": "NVD",
"id": "CVE-2021-3633"
},
{
"db": "NVD",
"id": "CVE-2021-3633"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation. Lenovo Driver Management Exists in a vulnerability in an element of an uncontrolled search path.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Lenovo Driver Management is a Lenovo power management driver for Windows 10, 8.1, 8, 7 (32-bit, 64-bit) from Lenovo, China",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-3633"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010649"
},
{
"db": "VULHUB",
"id": "VHN-396496"
},
{
"db": "VULMON",
"id": "CVE-2021-3633"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-3633",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010649",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1583",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-396496",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-3633",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-396496"
},
{
"db": "VULMON",
"id": "CVE-2021-3633"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010649"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1583"
},
{
"db": "NVD",
"id": "CVE-2021-3633"
}
]
},
"id": "VAR-202108-1810",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-396496"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:47:38.680000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LEN-63104",
"trust": 0.8,
"url": "https://iknow.lenovo.com.cn/detail/dc_198418.html"
},
{
"title": "Lenovo Driver Management Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=160734"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010649"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1583"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-427",
"trust": 1.1
},
{
"problemtype": "CWE-347",
"trust": 1.0
},
{
"problemtype": "Uncontrolled search path elements (CWE-427) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-396496"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010649"
},
{
"db": "NVD",
"id": "CVE-2021-3633"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://iknow.lenovo.com.cn/detail/dc_198418.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3633"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/426.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-396496"
},
{
"db": "VULMON",
"id": "CVE-2021-3633"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010649"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1583"
},
{
"db": "NVD",
"id": "CVE-2021-3633"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-396496"
},
{
"db": "VULMON",
"id": "CVE-2021-3633"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010649"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1583"
},
{
"db": "NVD",
"id": "CVE-2021-3633"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-17T00:00:00",
"db": "VULHUB",
"id": "VHN-396496"
},
{
"date": "2021-08-17T00:00:00",
"db": "VULMON",
"id": "CVE-2021-3633"
},
{
"date": "2022-07-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-010649"
},
{
"date": "2021-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-1583"
},
{
"date": "2021-08-17T17:15:07.687000",
"db": "NVD",
"id": "CVE-2021-3633"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-25T00:00:00",
"db": "VULHUB",
"id": "VHN-396496"
},
{
"date": "2021-08-25T00:00:00",
"db": "VULMON",
"id": "CVE-2021-3633"
},
{
"date": "2022-07-06T07:53:00",
"db": "JVNDB",
"id": "JVNDB-2021-010649"
},
{
"date": "2022-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-1583"
},
{
"date": "2024-11-21T06:22:01.897000",
"db": "NVD",
"id": "CVE-2021-3633"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-1583"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lenovo\u00a0Driver\u00a0Management\u00a0 Vulnerability regarding uncontrolled search path elements in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010649"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-1583"
}
],
"trust": 0.6
}
}
VAR-202007-1184
Vulnerability from variot - Updated: 2024-11-23 22:21A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges. Lenovo Drivers Management Exists in an unreliable search path vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Lenovo Drivers Management is a driver management application for Lenovo products from China Lenovo (Lenovo). This program is mainly used for driver installation and upgrade, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202007-1184",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "drivers management",
"scope": "lt",
"trust": 1.0,
"vendor": "lenovo",
"version": "2.7.1128.1046"
},
{
"model": "drivers management",
"scope": "eq",
"trust": 0.8,
"vendor": "lenovo",
"version": "2.7.1128.1046"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008819"
},
{
"db": "NVD",
"id": "CVE-2020-8317"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:lenovo:drivers_management",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008819"
}
]
},
"cve": "CVE-2020-8317",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2020-8317",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.9,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2020-008819",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-186442",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2020-8317",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "psirt@lenovo.com",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.3,
"id": "CVE-2020-8317",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-008819",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-8317",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@lenovo.com",
"id": "CVE-2020-8317",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-008819",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202007-1521",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-186442",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186442"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008819"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1521"
},
{
"db": "NVD",
"id": "CVE-2020-8317"
},
{
"db": "NVD",
"id": "CVE-2020-8317"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges. Lenovo Drivers Management Exists in an unreliable search path vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Lenovo Drivers Management is a driver management application for Lenovo products from China Lenovo (Lenovo). This program is mainly used for driver installation and upgrade, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8317"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008819"
},
{
"db": "VULHUB",
"id": "VHN-186442"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-8317",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008819",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1521",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "47910",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-44071",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-186442",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186442"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008819"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1521"
},
{
"db": "NVD",
"id": "CVE-2020-8317"
}
]
},
"id": "VAR-202007-1184",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-186442"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:21:04.737000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LEN-38381",
"trust": 0.8,
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
},
{
"title": "Lenovo Drivers Management Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=124837"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008819"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1521"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-426",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186442"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008819"
},
{
"db": "NVD",
"id": "CVE-2020-8317"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8317"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8317"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47910"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186442"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008819"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1521"
},
{
"db": "NVD",
"id": "CVE-2020-8317"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-186442"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008819"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1521"
},
{
"db": "NVD",
"id": "CVE-2020-8317"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-24T00:00:00",
"db": "VULHUB",
"id": "VHN-186442"
},
{
"date": "2020-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-008819"
},
{
"date": "2020-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-1521"
},
{
"date": "2020-07-24T16:15:12.053000",
"db": "NVD",
"id": "CVE-2020-8317"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-186442"
},
{
"date": "2020-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-008819"
},
{
"date": "2020-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-1521"
},
{
"date": "2024-11-21T05:38:41.690000",
"db": "NVD",
"id": "CVE-2020-8317"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-1521"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lenovo Drivers Management Unreliable search path vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008819"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-1521"
}
],
"trust": 0.6
}
}
VAR-202007-1424
Vulnerability from variot - Updated: 2024-11-23 21:51An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges. (DoS) It may be put into a state. Lenovo Drivers Management is a driver management application for Lenovo products from China Lenovo (Lenovo). This program is mainly used for driver installation and upgrade, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202007-1424",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "drivers management",
"scope": "lt",
"trust": 1.0,
"vendor": "lenovo",
"version": "2.7.1128.1046"
},
{
"model": "drivers management",
"scope": "eq",
"trust": 0.8,
"vendor": "lenovo",
"version": "2.7.1128.1046"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008820"
},
{
"db": "NVD",
"id": "CVE-2020-8326"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:lenovo:drivers_management",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008820"
}
]
},
"cve": "CVE-2020-8326",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2020-8326",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.9,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2020-008820",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-186451",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2020-8326",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "psirt@lenovo.com",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.3,
"id": "CVE-2020-8326",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-008820",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-8326",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@lenovo.com",
"id": "CVE-2020-8326",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-008820",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202007-1522",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-186451",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186451"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008820"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1522"
},
{
"db": "NVD",
"id": "CVE-2020-8326"
},
{
"db": "NVD",
"id": "CVE-2020-8326"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges. (DoS) It may be put into a state. Lenovo Drivers Management is a driver management application for Lenovo products from China Lenovo (Lenovo). This program is mainly used for driver installation and upgrade, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8326"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008820"
},
{
"db": "VULHUB",
"id": "VHN-186451"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-8326",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008820",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1522",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "47895",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-44072",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-186451",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186451"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008820"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1522"
},
{
"db": "NVD",
"id": "CVE-2020-8326"
}
]
},
"id": "VAR-202007-1424",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-186451"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:51:24.495000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LEN-38381",
"trust": 0.8,
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
},
{
"title": "Lenovo Drivers Management Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=124838"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008820"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1522"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-428",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186451"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008820"
},
{
"db": "NVD",
"id": "CVE-2020-8326"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8326"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8326"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47895"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186451"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008820"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1522"
},
{
"db": "NVD",
"id": "CVE-2020-8326"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-186451"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008820"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1522"
},
{
"db": "NVD",
"id": "CVE-2020-8326"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-24T00:00:00",
"db": "VULHUB",
"id": "VHN-186451"
},
{
"date": "2020-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-008820"
},
{
"date": "2020-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-1522"
},
{
"date": "2020-07-24T16:15:12.193000",
"db": "NVD",
"id": "CVE-2020-8326"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-186451"
},
{
"date": "2020-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-008820"
},
{
"date": "2020-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-1522"
},
{
"date": "2024-11-21T05:38:43.063000",
"db": "NVD",
"id": "CVE-2020-8326"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-1522"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lenovo Drivers Management Vulnerabilities in unquoted search paths or elements in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008820"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-1522"
}
],
"trust": 0.6
}
}
CVE-2020-8326 (GCVE-0-2020-8326)
Vulnerability from nvd – Published: 2020-07-24 16:10 – Updated: 2024-09-17 03:13
VLAI?
Summary
An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.
Severity ?
7.3 (High)
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lenovo | Drivers Management |
Affected:
unspecified , < 2.7.1128.1046
(custom)
|
Date Public ?
2020-07-24 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Drivers Management",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "2.7.1128.1046",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Jinwei Chen of Bangcle Security for reporting this issue."
}
],
"datePublic": "2020-07-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-24T16:10:25.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to Lenovo Drivers Management version 2.7.1128.1046 (or newer)."
}
],
"source": {
"advisory": "LEN-38381",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2020-07-24T16:00:00.000Z",
"ID": "CVE-2020-8326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Drivers Management",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.7.1128.1046"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Jinwei Chen of Bangcle Security for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-428 Unquoted Search Path or Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iknow.lenovo.com.cn/detail/dc_190088.html",
"refsource": "MISC",
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to Lenovo Drivers Management version 2.7.1128.1046 (or newer)."
}
],
"source": {
"advisory": "LEN-38381",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2020-8326",
"datePublished": "2020-07-24T16:10:25.935Z",
"dateReserved": "2020-01-28T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:13:27.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8317 (GCVE-0-2020-8317)
Vulnerability from nvd – Published: 2020-07-24 16:10 – Updated: 2024-09-17 00:10
VLAI?
Summary
A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.
Severity ?
7.3 (High)
CWE
- CWE-426 - Untrusted Search Path
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lenovo | Drivers Management |
Affected:
unspecified , < 2.7.1128.1046
(custom)
|
Date Public ?
2020-07-24 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Drivers Management",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "2.7.1128.1046",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Can Huang and Xinhui Han at Wangxuan Institute of Computer Technology, Peking University for reporting this issue."
}
],
"datePublic": "2020-07-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-24T16:10:25.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to Lenovo Drivers Management version 2.7.1128.1046 (or newer)."
}
],
"source": {
"advisory": "LEN-38381",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2020-07-24T16:00:00.000Z",
"ID": "CVE-2020-8317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Drivers Management",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.7.1128.1046"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Can Huang and Xinhui Han at Wangxuan Institute of Computer Technology, Peking University for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-426 Untrusted Search Path"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iknow.lenovo.com.cn/detail/dc_190088.html",
"refsource": "MISC",
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to Lenovo Drivers Management version 2.7.1128.1046 (or newer)."
}
],
"source": {
"advisory": "LEN-38381",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2020-8317",
"datePublished": "2020-07-24T16:10:25.529Z",
"dateReserved": "2020-01-28T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:10:49.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8326 (GCVE-0-2020-8326)
Vulnerability from cvelistv5 – Published: 2020-07-24 16:10 – Updated: 2024-09-17 03:13
VLAI?
Summary
An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.
Severity ?
7.3 (High)
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lenovo | Drivers Management |
Affected:
unspecified , < 2.7.1128.1046
(custom)
|
Date Public ?
2020-07-24 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Drivers Management",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "2.7.1128.1046",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Jinwei Chen of Bangcle Security for reporting this issue."
}
],
"datePublic": "2020-07-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-24T16:10:25.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to Lenovo Drivers Management version 2.7.1128.1046 (or newer)."
}
],
"source": {
"advisory": "LEN-38381",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2020-07-24T16:00:00.000Z",
"ID": "CVE-2020-8326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Drivers Management",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.7.1128.1046"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Jinwei Chen of Bangcle Security for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-428 Unquoted Search Path or Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iknow.lenovo.com.cn/detail/dc_190088.html",
"refsource": "MISC",
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to Lenovo Drivers Management version 2.7.1128.1046 (or newer)."
}
],
"source": {
"advisory": "LEN-38381",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2020-8326",
"datePublished": "2020-07-24T16:10:25.935Z",
"dateReserved": "2020-01-28T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:13:27.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8317 (GCVE-0-2020-8317)
Vulnerability from cvelistv5 – Published: 2020-07-24 16:10 – Updated: 2024-09-17 00:10
VLAI?
Summary
A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.
Severity ?
7.3 (High)
CWE
- CWE-426 - Untrusted Search Path
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lenovo | Drivers Management |
Affected:
unspecified , < 2.7.1128.1046
(custom)
|
Date Public ?
2020-07-24 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Drivers Management",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "2.7.1128.1046",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Can Huang and Xinhui Han at Wangxuan Institute of Computer Technology, Peking University for reporting this issue."
}
],
"datePublic": "2020-07-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-24T16:10:25.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to Lenovo Drivers Management version 2.7.1128.1046 (or newer)."
}
],
"source": {
"advisory": "LEN-38381",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2020-07-24T16:00:00.000Z",
"ID": "CVE-2020-8317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Drivers Management",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.7.1128.1046"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Can Huang and Xinhui Han at Wangxuan Institute of Computer Technology, Peking University for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-426 Untrusted Search Path"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iknow.lenovo.com.cn/detail/dc_190088.html",
"refsource": "MISC",
"url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to Lenovo Drivers Management version 2.7.1128.1046 (or newer)."
}
],
"source": {
"advisory": "LEN-38381",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2020-8317",
"datePublished": "2020-07-24T16:10:25.529Z",
"dateReserved": "2020-01-28T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:10:49.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}