CVE-2023-4605
published 2024-04-05CVE-2023-4605: A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an unauthenticated API endpoint to retrieve system event information.
medium6.5CVSS 3.1
AVNACLPRNUINSUCLINAL
A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an unauthenticated API endpoint to retrieve system event information.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | xclarity_administrator | >= < 3.6.28 | 3.6.28 |
| lenovo | xclarity_administrator | >= < 4.0.24 | 4.0.24 |