Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lenovo xclarity administrator vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-6179
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version 7.7.0, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter prior...
Lenovo Xclarity Administrator
Lenovo Xclarity Integrator
9.8
CVSSv3
CVE-2016-8233
Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may contain user credentials in a non-secure, clear text form that could be viewed by a non-privileged user.
Lenovo Xclarity Administrator
5.9
CVSSv3
CVE-2019-6158
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text. This only affects LXCA when HTTP proxy credentials have been configured. This affects LXCA versions 2.0.0 to 2.3.x.
Lenovo Xclarity Administrator
5.5
CVSSv3
CVE-2019-6194
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions before 2.6.6 that could allow information disclosure.
Lenovo Xclarity Administrator
8.8
CVSSv3
CVE-2018-9064
In Lenovo xClarity Administrator versions earlier than 2.1.0, an authenticated LXCA user may abuse a web API debug call to retrieve the credentials for the System Manager user.
Lenovo Xclarity Administrator
5.4
CVSSv3
CVE-2019-19757
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered a Document Object Model (DOM) based cross-site scripting vulnerability in versions before 2.6.6 that could allow JavaScript code to be executed in the user's web browser if a specially craf...
Lenovo Xclarity Administrator
4.9
CVSSv3
CVE-2020-8355
An internal product security audit of Lenovo XClarity Administrator (LXCA) prior to version 3.1.0 discovered the Windows OS credentials provided by the LXCA user to perform driver updates of managed systems may be captured in the First Failure Data Capture (FFDC) service log if t...
Lenovo Xclarity Administrator
7.5
CVSSv3
CVE-2023-3113
An unauthenticated XML external entity injection (XXE) vulnerability exists in LXCA's Common Information Model (CIM) server that could result in read-only access to specific files.
Lenovo Xclarity Administrator
6.7
CVSSv3
CVE-2017-3763
An attacker who obtains access to the location where the LXCA file system is stored may be able to access credentials of local LXCA accounts in LXCA versions earlier than 1.3.2.
Lenovo Xclarity Administrator
5.3
CVSSv3
CVE-2017-3764
A vulnerability was identified in Lenovo XClarity Administrator (LXCA) prior to 1.4.0 where LXCA user account names may be exposed to unauthenticated users with access to the LXCA web user interface. No password information of the user accounts is exposed.
Lenovo Xclarity Administrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »