CVE-2016-8221

CWE-2643 documents3 sources
Severity
7.0HIGH
EPSS
0.1%
top 82.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Lenovo Xclarity AdministratorLenovo Group Ltd. Xclarity Administrator (lxca)
Timeline
PublishedJan 12
Latest updateMay 17

Description

Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages2 packages

Patches

Patch: support.lenovo.comPatch: support.lenovo.com

🔴Vulnerability Details

2
GHSA
GHSA-x22w-gfvm-wmxm: Privilege Escalation in Lenovo XClarity Administrator earlier than 12022-05-17
CVEList
CVE-2016-8221: Privilege Escalation in Lenovo XClarity Administrator earlier than 12017-01-12
CVE-2016-8221 (HIGH CVSS 7) | Privilege Escalation in Lenovo XCla | cvebase.io