Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for LXCI for Microsoft System Center by Lenovo

    CVE-2018-16097 (GCVE-0-2018-16097)

    Vulnerability from nvd – Published: 2018-11-30 14:00 – Updated: 2024-08-05 10:17
    VLAI
    Title
    LXCI for VMware and LXCI for Microsoft System Center
    Summary
    LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate.
    Severity
    No CVSS data available.
    CWE
    • file system modification
    Assigner
    References
    Impacted products
    Vendor Product Version
    Lenovo LXCI for VMware Affected: unspecified , < 5.5 (custom)
    Create a notification for this product.
    Lenovo LXCI for Microsoft System Center Affected: unspecified , < 3.5 (custom)
    Create a notification for this product.
    Date Public
    2018-11-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T10:17:37.668Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LXCI for VMware",
              "vendor": "Lenovo",
              "versions": [
                {
                  "lessThan": "5.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "LXCI for Microsoft System Center",
              "vendor": "Lenovo",
              "versions": [
                {
                  "lessThan": "3.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2018-11-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "file system modification",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-30T13:57:01.000Z",
            "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
            "shortName": "lenovo"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Update LXCI for VMware to version 5.5 or higher.\nUpdate LXCI for Microsoft System Center to version 3.5 or higher."
            }
          ],
          "source": {
            "advisory": "LEN-23800",
            "discovery": "INTERNAL"
          },
          "title": "LXCI for VMware and LXCI for Microsoft System Center",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@lenovo.com",
              "ID": "CVE-2018-16097",
              "STATE": "PUBLIC",
              "TITLE": "LXCI for VMware and LXCI for Microsoft System Center"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "LXCI for VMware",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "5.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "LXCI for Microsoft System Center",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "3.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Lenovo"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "file system modification"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.lenovo.com/us/en/solutions/LEN-23800",
                  "refsource": "CONFIRM",
                  "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update LXCI for VMware to version 5.5 or higher.\nUpdate LXCI for Microsoft System Center to version 3.5 or higher."
              }
            ],
            "source": {
              "advisory": "LEN-23800",
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "assignerShortName": "lenovo",
        "cveId": "CVE-2018-16097",
        "datePublished": "2018-11-30T14:00:00.000Z",
        "dateReserved": "2018-08-29T00:00:00.000Z",
        "dateUpdated": "2024-08-05T10:17:37.668Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-16097 (GCVE-0-2018-16097)

    Vulnerability from cvelistv5 – Published: 2018-11-30 14:00 – Updated: 2024-08-05 10:17
    VLAI
    Title
    LXCI for VMware and LXCI for Microsoft System Center
    Summary
    LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate.
    Severity
    No CVSS data available.
    CWE
    • file system modification
    Assigner
    References
    Impacted products
    Vendor Product Version
    Lenovo LXCI for VMware Affected: unspecified , < 5.5 (custom)
    Create a notification for this product.
    Lenovo LXCI for Microsoft System Center Affected: unspecified , < 3.5 (custom)
    Create a notification for this product.
    Date Public
    2018-11-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T10:17:37.668Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LXCI for VMware",
              "vendor": "Lenovo",
              "versions": [
                {
                  "lessThan": "5.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "LXCI for Microsoft System Center",
              "vendor": "Lenovo",
              "versions": [
                {
                  "lessThan": "3.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2018-11-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "file system modification",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-30T13:57:01.000Z",
            "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
            "shortName": "lenovo"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Update LXCI for VMware to version 5.5 or higher.\nUpdate LXCI for Microsoft System Center to version 3.5 or higher."
            }
          ],
          "source": {
            "advisory": "LEN-23800",
            "discovery": "INTERNAL"
          },
          "title": "LXCI for VMware and LXCI for Microsoft System Center",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@lenovo.com",
              "ID": "CVE-2018-16097",
              "STATE": "PUBLIC",
              "TITLE": "LXCI for VMware and LXCI for Microsoft System Center"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "LXCI for VMware",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "5.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "LXCI for Microsoft System Center",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "3.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Lenovo"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "file system modification"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.lenovo.com/us/en/solutions/LEN-23800",
                  "refsource": "CONFIRM",
                  "url": "https://support.lenovo.com/us/en/solutions/LEN-23800"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update LXCI for VMware to version 5.5 or higher.\nUpdate LXCI for Microsoft System Center to version 3.5 or higher."
              }
            ],
            "source": {
              "advisory": "LEN-23800",
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "assignerShortName": "lenovo",
        "cveId": "CVE-2018-16097",
        "datePublished": "2018-11-30T14:00:00.000Z",
        "dateReserved": "2018-08-29T00:00:00.000Z",
        "dateUpdated": "2024-08-05T10:17:37.668Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }