CVE-2018-16092
published 2018-11-27CVE-2018-16092: In System Management Module (SMM) versions prior to 1.06, the FFDC feature includes the collection of SMM system files containing sensitive information…
high8.1CVSS 3.0
AVNACHPRNUINSUCHIHAH
In System Management Module (SMM) versions prior to 1.06, the FFDC feature includes the collection of SMM system files containing sensitive information; notably, the SMM user account credentials and the system shadow file.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | system_management_module_firmware | < 1.06 | 1.06 |
| lenovo | thinksystem_smm | >= unspecified < 1.06 | 1.06 |