CVE-2023-34421
published 2023-06-26CVE-2023-34421: A valid, authenticated LXCA user with elevated privileges may be able to replace filesystem data through a specifically crafted web API call due to…
medium6.5CVSS 3.1
AVNACLPRHUINSUCNIHAH
A valid, authenticated LXCA user with elevated privileges may be able to replace filesystem data through a specifically crafted web API call due to insufficient input validation.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | lenovo_xclarity_administrator | — | — |
| lenovo | xclarity_administrator | < 4.0.0 | 4.0.0 |