Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLenovoCVELIST:CVE-2017-3745
HistoryJun 20, 2017 - 12:00 a.m.

CVE-2017-3745

2017-06-2000:00:00
lenovo
www.cve.org
4

AI Score

7.8

Confidence

High

EPSS

0.002

Percentile

53.6%

JSON

In Lenovo XClarity Administrator (LXCA) before 1.3.0, if service data is downloaded from LXCA, a non-administrative user may have access to password information for users that have previously authenticated to the LXCA’s internal LDAP server, including administrative accounts and service accounts with administrative privileges. This is an issue only for users who have used local authentication with LXCA and not remote authentication against external LDAP or ADFS servers.

CNA Affected

[
  {
    "product": "XClarity Administrator",
    "vendor": "Lenovo Group Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "1.2.2"
      }
    ]
  }
]

Related

cve 1
lenovo 2
nvd 1
prion 1
cve
cve
CVE-2017-3745
2017-06-20 00:29:00
lenovo
lenovo
Lenovo XClarity Administrator Credential Disclosure - us
2017-06-08 00:00:00
Lenovo XClarity Administrator Credential Disclosure - Lenovo Support US
2017-06-08 00:00:00
nvd
nvd
CVE-2017-3745
2017-06-20 00:29:00
prion
prion
Authentication flaw
2017-06-20 00:29:00

AI Score

7.8

Confidence

High

EPSS

0.002

Percentile

53.6%

JSON
Related for CVELIST:CVE-2017-3745
cve1lenovo2nvd1prion1