A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lenovo nextscale_n1200_enclosure_firmware |
||
lenovo thinkagile_cp-cb-10_firmware |
||
lenovo thinkagile_cp-cb-10e_firmware |
||
lenovo thinkagile_hx_enclosure_certified_node_firmware |
||
lenovo thinkagile_vx_enclosure_firmware |
||
lenovo thinksystem_d2_enclosure_firmware |
||
lenovo thinksystem_da240_enclosure_firmware |
||
lenovo thinksystem_dw612_enclosure_firmware |