Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lenovo xclarity administrator vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-6179
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version 7.7.0, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter prior...
Lenovo Xclarity Administrator
Lenovo Xclarity Integrator
7.2
CVSSv3
CVE-2023-34420
A valid, authenticated LXCA user with elevated privileges may be able to execute command injections through crafted calls to a specific web API.
Lenovo Xclarity Administrator
7.5
CVSSv3
CVE-2019-6193
An information disclosure vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions before 2.6.6 that could allow unauthenticated access to some configuration files which may contain usernames, license keys, IP addresses, and encrypted password hashes.
Lenovo Xclarity Administrator
7.8
CVSSv3
CVE-2017-3745
In Lenovo XClarity Administrator (LXCA) prior to 1.3.0, if service data is downloaded from LXCA, a non-administrative user may have access to password information for users that have previously authenticated to the LXCA's internal LDAP server, including administrative accoun...
Lenovo Xclarity Administrator
5.9
CVSSv3
CVE-2019-6158
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text. This only affects LXCA when HTTP proxy credentials have been configured. This affects LXCA versions 2.0.0 to 2.3.x.
Lenovo Xclarity Administrator
5.5
CVSSv3
CVE-2019-6194
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions before 2.6.6 that could allow information disclosure.
Lenovo Xclarity Administrator
6.1
CVSSv3
CVE-2019-6181
A reflected cross-site scripting (XSS) vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions before 2.5.0 that could allow a crafted URL, if visited, to cause JavaScript code to be executed in the user's web browser. The JavaScript code is not executed ...
Lenovo Xclarity Administrator
7
CVSSv3
CVE-2016-8221
Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA account...
Lenovo Xclarity Administrator
5.4
CVSSv3
CVE-2019-19757
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered a Document Object Model (DOM) based cross-site scripting vulnerability in versions before 2.6.6 that could allow JavaScript code to be executed in the user's web browser if a specially craf...
Lenovo Xclarity Administrator
4.8
CVSSv3
CVE-2019-6180
A stored cross-site scripting (XSS) vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions before 2.5.0 that could allow an administrative user to cause JavaScript code to be stored in LXCA which may then be executed in the user's web browser. The JavaSc...
Lenovo Xclarity Administrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »