CVE-2019-6193

CWE-284Improper Access ControlCWE-200Information Exposure3 documents3 sources
Severity
7.5HIGH
EPSS
0.3%
top 43.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Lenovo Xclarity Administrator (lxca)Lenovo Xclarity Administrator
Timeline
PublishedFeb 14
Latest updateMay 24

Description

An information disclosure vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.6.6 that could allow unauthenticated access to some configuration files which may contain usernames, license keys, IP addresses, and encrypted password hashes.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5lenovo/xclarity_administrator_(lxca)unspecified2.6.6

🔴Vulnerability Details

2
GHSA
GHSA-3mv5-rjm2-qwx6: An information disclosure vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 22022-05-24
CVEList
CVE-2019-6193: An information disclosure vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 22020-02-14
CVE-2019-6193 (HIGH CVSS 7.5) | An information disclosure vulnerabi | cvebase.io