Search
Find a vulnerability
Search criteria
2 vulnerabilities found for XClarity Administrator (LXCA) by Lenovo Group Ltd.
CVE-2016-8221 (GCVE-0-2016-8221)
Vulnerability from nvd – Published: 2017-01-12 22:00 – Updated: 2024-08-06 02:13
VLAI
Summary
Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.
Severity
No CVSS data available.
CWE
- unspecified
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/95417 | vdb-entryx_refsource_BID |
| https://support.lenovo.com/us/en/product_security… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo Group Ltd. | XClarity Administrator (LXCA) |
Affected:
1.2.0
|
Date Public
2016-10-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.836Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95417",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95417"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN_10605"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "XClarity Administrator (LXCA)",
"vendor": "Lenovo Group Ltd.",
"versions": [
{
"status": "affected",
"version": "1.2.0"
}
]
}
],
"datePublic": "2016-10-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unspecified",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-16T10:57:01.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"name": "95417",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95417"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN_10605"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2016-8221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "XClarity Administrator (LXCA)",
"version": {
"version_data": [
{
"version_value": "1.2.0"
}
]
}
}
]
},
"vendor_name": "Lenovo Group Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95417"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN_10605",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN_10605"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2016-8221",
"datePublished": "2017-01-12T22:00:00.000Z",
"dateReserved": "2016-09-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:21.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8221 (GCVE-0-2016-8221)
Vulnerability from cvelistv5 – Published: 2017-01-12 22:00 – Updated: 2024-08-06 02:13
VLAI
Summary
Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.
Severity
No CVSS data available.
CWE
- unspecified
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/95417 | vdb-entryx_refsource_BID |
| https://support.lenovo.com/us/en/product_security… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo Group Ltd. | XClarity Administrator (LXCA) |
Affected:
1.2.0
|
Date Public
2016-10-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.836Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95417",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95417"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN_10605"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "XClarity Administrator (LXCA)",
"vendor": "Lenovo Group Ltd.",
"versions": [
{
"status": "affected",
"version": "1.2.0"
}
]
}
],
"datePublic": "2016-10-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unspecified",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-16T10:57:01.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"name": "95417",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95417"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN_10605"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2016-8221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "XClarity Administrator (LXCA)",
"version": {
"version_data": [
{
"version_value": "1.2.0"
}
]
}
}
]
},
"vendor_name": "Lenovo Group Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95417"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN_10605",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN_10605"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2016-8221",
"datePublished": "2017-01-12T22:00:00.000Z",
"dateReserved": "2016-09-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:13:21.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}