CVE-2018-9064
published 2018-07-30CVE-2018-9064: In Lenovo xClarity Administrator versions earlier than 2.1.0, an authenticated LXCA user may abuse a web API debug call to retrieve the credentials for the…
high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
In Lenovo xClarity Administrator versions earlier than 2.1.0, an authenticated LXCA user may abuse a web API debug call to retrieve the credentials for the System Manager user.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | xclarity_administrator | < 2.1.0 | 2.1.0 |
| lenovo_group_ltd | lenovo_xclarity_administrator | — | — |