Lucene search
LenovoCVE-2023-3113HistoryJun 26, 2023 - 8:15 p.m.
CVE-2023-3113
2023-06-2620:15:10
CWE-611
lenovo
web.nvd.nist.gov
18
cve-2023-3113
xxe
lxca
cim
security vulnerability
nvd
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
AI Score
7.6
Confidence
High
EPSS
0.001
Percentile
43.4%
An unauthenticated XML external entity injection (XXE) vulnerability exists in LXCA’s Common Information Model (CIM) server that could result in read-only access to specific files.
Affected configurations
Node
lenovoxclarity_administratorRange<4.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| lenovo | xclarity_administrator | * | cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Lenovo XClarity Administrator",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Versions prior to 4.0"
}
]
}
]Related
nvd
nvd
CVE-2023-3113
2023-06-26 20:15:10
prion
prion
Xxe
2023-06-26 20:15:00
cvelist
cvelist
CVE-2023-3113
2023-06-26 19:44:58
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
AI Score
7.6
Confidence
High
EPSS
0.001
Percentile
43.4%
Related for CVE-2023-3113