CVE-2017-3764

CWE-200Information Exposure3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.7%
top 27.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Lenovo Xclarity AdministratorLenovo Group Ltd. Xclarity Administrator
Timeline
PublishedNov 30
Latest updateMay 17

Description

A vulnerability was identified in Lenovo XClarity Administrator (LXCA) before 1.4.0 where LXCA user account names may be exposed to unauthenticated users with access to the LXCA web user interface. No password information of the user accounts is exposed.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5lenovo_group_ltd./xclarity_administratorEarlier than 1.4.0

Patches

Patch: support.lenovo.comPatch: support.lenovo.com

🔴Vulnerability Details

2
GHSA
GHSA-m4wp-2j5p-9x5g: A vulnerability was identified in Lenovo XClarity Administrator (LXCA) before 12022-05-17
CVEList
CVE-2017-3764: A vulnerability was identified in Lenovo XClarity Administrator (LXCA) before 12017-11-30
CVE-2017-3764 (MEDIUM CVSS 5.3) | A vulnerability was identified in L | cvebase.io