CVE-2023-34422
published 2023-06-26CVE-2023-34422: A valid, authenticated LXCA user with elevated privileges may be able to delete folders in the LXCA filesystem through a specifically crafted web API call due…
medium6.5CVSS 3.1
AVNACLPRHUINSUCNIHAH
A valid, authenticated LXCA user with elevated privileges may be able to delete folders in the LXCA filesystem through a specifically crafted web API call due to insufficient input validation.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | lenovo_xclarity_administrator | — | — |
| lenovo | xclarity_administrator | < 4.0.0 | 4.0.0 |