Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.
[
{
"product": "XClarity Administrator (LXCA)",
"vendor": "Lenovo Group Ltd.",
"versions": [
{
"status": "affected",
"version": "1.2.0"
}
]
}
]