Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lenovo xclarity administrator vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-3113
An unauthenticated XML external entity injection (XXE) vulnerability exists in LXCA's Common Information Model (CIM) server that could result in read-only access to specific files.
Lenovo Xclarity Administrator
383
VMScore
CVE-2019-6158
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text. This only affects LXCA when HTTP proxy credentials have been configured. This affects LXCA versions 2.0.0 to 2.3.x.
Lenovo Xclarity Administrator
383
VMScore
CVE-2019-6194
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions before 2.6.6 that could allow information disclosure.
Lenovo Xclarity Administrator
320
VMScore
CVE-2019-19756
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered Windows OS credentials, used to perform driver updates of managed systems, being written to a log file in clear text. This only affects LXCA version 2.6.0 when performing a Windows driver update...
Lenovo Xclarity Administrator 2.6.0
356
VMScore
CVE-2021-3417
An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials for Lenovo XClarity Administrator (LXCA), if added as a Resource Manager, are encoded then written to an internal LXCO log file each time a session is established with LXCA. Affected l...
Lenovo Xclarity Orchestrator
356
VMScore
CVE-2021-3473
An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator (LXCA) is used to perform the backup/restore. The backup/restore pass...
Lenovo Xclarity Controller 6.00 Cdi370q
Lenovo Xclarity Controller 1.10 Tgbt12q
Lenovo Xclarity Controller 2.14 Psi338i
Lenovo Xclarity Controller 4.40 Tei3b2p
NA
CVE-2023-4605
A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an unauthenticated API endpoint to retrieve system event information.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3