CVE-2021-3897

🗓️ 22 Apr 2022 21:10:13Reported by lenovoType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 88 Views

An authentication bypass vulnerability was found in Lenovo Fan Power Controller2 and System Management Module firmware, allowing unauthenticated attacker to execute commands

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-3897	23 Apr 202200:28	–	circl
CNNVD	Lenovo Fan Power Controller2 授权问题漏洞	14 Dec 202100:00	–	cnnvd
Cvelist	CVE-2021-3897	22 Apr 202221:10	–	cvelist
EUVD	EUVD-2021-27129	7 Oct 202500:30	–	euvd
Lenovo	Authentication Bypass Vulnerabilities in FPC2 and SMM Firmware - Lenovo Support US	14 Dec 202116:54	–	lenovo
NVD	CVE-2021-3897	22 Apr 202221:15	–	nvd
Prion	Authentication flaw	22 Apr 202221:15	–	prion
Positive Technologies	PT-2022-10823 · Lenovo · Lenovo System Management Module +1	22 Apr 202200:00	–	ptsecurity
RedhatCVE	CVE-2021-3897	22 May 202520:11	–	redhatcve

NVD

Vulners

Node

lenovo nextscale_n1200_enclosure_firmwareRange<fhet50b-2.90

AND

lenovo nextscale_n1200_enclosureMatch-

Node

lenovo thinkagile_hx_enclosure_certified_node_firmwareRange<tesm28b-1.21

AND

lenovo thinkagile_hx_enclosure_certified_nodeMatch-

Node

lenovo thinkagile_vx_enclosure_firmwareRange<tesm28b-1.21

AND

lenovo thinkagile_vx_enclosureMatch-

Node

lenovo thinksystem_d2_enclosure_firmwareRange<tesm28b-1.21

AND

lenovo thinksystem_d2_enclosureMatch-

Node

ibm nextscale_fan_power_controller_firmwareRange<44a-3.70

AND

ibm nextscale_fan_power_controllerMatch-

[
  {
    "product": "Fan Power Controller2 (FPC2)",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "product": "Lenovo System Management Module (SMM)",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]