CVE-2023-29056
published 2023-04-28CVE-2023-29056: A valid LDAP user, under specific conditions, will default to read-only permissions when authenticating into XCC. To be vulnerable, XCC must be configured to…
medium5.9CVSS 3.1
AVNACHPRNUINSUCHINAN
A valid LDAP user, under specific conditions, will default to read-only permissions when authenticating into XCC. To be vulnerable, XCC must be configured to use an LDAP server for Authentication/Authorization and have the login permission attribute not defined.
Affected
113 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | thinkagile_hx1021_firmware | < 3.72_tei388s | 3.72_tei388s |
| lenovo | thinkagile_hx1320_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx1321_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx1331_firmware | < 2.93_afbt30p | 2.93_afbt30p |
| lenovo | thinkagile_hx1520-r_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx1521-r_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx2320-e_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx2321_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx2330_firmware | < 2.93_afbt30p | 2.93_afbt30p |
| lenovo | thinkagile_hx2330_firmware | — | — |
| lenovo | thinkagile_hx2331_firmware | < 2.93_afbt30p | 2.93_afbt30p |
| lenovo | thinkagile_hx2720-e_firmware | < 3.72_tei388s | 3.72_tei388s |
| lenovo | thinkagile_hx3320_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx3321_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx3330_firmware | < 2.93_afbt30p | 2.93_afbt30p |
| lenovo | thinkagile_hx3331_firmware | < 2.93_afbt30p | 2.93_afbt30p |
| lenovo | thinkagile_hx3331_firmware | < 4.71_d8bt48p | 4.71_d8bt48p |
| lenovo | thinkagile_hx3375_firmware | < 4.71_d8bt48p | 4.71_d8bt48p |
| lenovo | thinkagile_hx3376_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx3520-g_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx3521-g_firmware | < 3.72_tei388s | 3.72_tei388s |
| lenovo | thinkagile_hx3720_firmware | < 3.72_tei388s | 3.72_tei388s |
| lenovo | thinkagile_hx3721_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx5520-c_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |
| lenovo | thinkagile_hx5520_firmware | < 8.88_cdi3a4a | 8.88_cdi3a4a |