cbcvebase.
CVE-2023-25492
published 2023-05-01

CVE-2023-25492: A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string…

high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API.

Affected

113 ranges· showing 25
VendorProductVersion rangeFixed in
lenovothinkagile_hx1021_firmware< 3.72_tei388s3.72_tei388s
lenovothinkagile_hx1320_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx1321_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx1331_firmware< 2.93_afbt30p2.93_afbt30p
lenovothinkagile_hx1520-r_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx1521-r_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx2320-e_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx2321_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx2330_firmware< 2.93_afbt30p2.93_afbt30p
lenovothinkagile_hx2330_firmware
lenovothinkagile_hx2331_firmware< 2.93_afbt30p2.93_afbt30p
lenovothinkagile_hx2720-e_firmware< 3.72_tei388s3.72_tei388s
lenovothinkagile_hx3320_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx3321_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx3330_firmware< 2.93_afbt30p2.93_afbt30p
lenovothinkagile_hx3331_firmware< 2.93_afbt30p2.93_afbt30p
lenovothinkagile_hx3331_firmware< 4.71_d8bt48p4.71_d8bt48p
lenovothinkagile_hx3375_firmware< 4.71_d8bt48p4.71_d8bt48p
lenovothinkagile_hx3376_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx3520-g_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx3521-g_firmware< 3.72_tei388s3.72_tei388s
lenovothinkagile_hx3720_firmware< 3.72_tei388s3.72_tei388s
lenovothinkagile_hx3721_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx5520-c_firmware< 8.88_cdi3a4a8.88_cdi3a4a
lenovothinkagile_hx5520_firmware< 8.88_cdi3a4a8.88_cdi3a4a