CVE-2017-3763

3 documents3 sources

Severity

6.7MEDIUM

EPSS

0.1%

top 83.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Lenovo Xclarity Administrator Lenovo Group Ltd. Lenovo Xclarity Administrator (lxca)

Timeline

PublishedSep 22

Latest updateMay 13

Description

An attacker who obtains access to the location where the LXCA file system is stored may be able to access credentials of local LXCA accounts in LXCA versions earlier than 1.3.2.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5lenovo_group_ltd./lenovo_xclarity_administrator_(lxca)Earlier than 1.3.2

▶NVDlenovo/xclarity_administrator1.3.1

🔴Vulnerability Details

GHSA

GHSA-rcfw-h9vx-5xwc: An attacker who obtains access to the location where the LXCA file system is stored may be able to access credentials of local LXCA accounts in LXCA v↗2022-05-13

▶

CVEList

CVE-2017-3763: An attacker who obtains access to the location where the LXCA file system is stored may be able to access credentials of local LXCA accounts in LXCA v↗2017-09-22

▶