Lucene search

[email protected]CVE-2016-8227

HistoryJan 26, 2017 - 5:59 p.m.

CVE-2016-8227

2017-01-2617:59:00

CWE-284

[email protected]

web.nvd.nist.gov

lenovo

transition

vulnerability

privilege escalation

local users

code execution

elevated privileges

windows

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

9.9%

JSON

Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges.

Affected configurations

NVD

Node

lenovotransitionMatch-

CPENameOperatorVersion
lenovo:transitionlenovo transitioneq-

CPE	Name	Operator	Version
lenovo:transition	lenovo transition	eq	-

CNA Affected

[
  {
    "product": "Transition application",
    "vendor": "Lenovo Group Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  }
]

References

www.securityfocus.com/bid/95159

support.lenovo.com/us/en/product_security/LEN-12508

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

9.9%

JSON

Related for CVE-2016-8227

nvd1 lenovo2 cvelist1 prion1