Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLenovoCVELIST:CVE-2017-3744
HistoryJun 20, 2017 - 12:00 a.m.

CVE-2017-3744

2017-06-2000:00:00
lenovo
www.cve.org

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.6%

JSON

In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands.

CNA Affected

[
  {
    "product": "Lenovo System x IMM2",
    "vendor": "Lenovo Group Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "Lenovo System x IMM2 firmware versions earlier than 4.10 and IBM System x IMM2 firmware versions earlier than 6.20"
      }
    ]
  }
]

Related

lenovo 2
cve 1
prion 1
nvd 1
lenovo
lenovo
Login information processed by the IMM2 may be exposed to local IMM2 users - Lenovo Support US
2017-08-08 00:00:00
Login information processed by the IMM2 may be exposed to local IMM2 users - us
2017-08-08 00:00:00
cve
cve
CVE-2017-3744
2017-06-20 00:29:00
prion
prion
Design/Logic Flaw
2017-06-20 00:29:00
nvd
nvd
CVE-2017-3744
2017-06-20 00:29:00

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.6%

JSON
Related for CVELIST:CVE-2017-3744
lenovo2cve1prion1nvd1