CVE-2023-34418
published 2023-06-26CVE-2023-34418: A valid, authenticated LXCA user may be able to gain unauthorized access to events and other data stored in LXCA due to a SQL injection vulnerability in a…
high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
A valid, authenticated LXCA user may be able to gain unauthorized access to events and other data stored in LXCA due to a SQL injection vulnerability in a specific web API.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | lenovo_xclarity_administrator | — | — |
| lenovo | xclarity_administrator | < 4.0.0 | 4.0.0 |