Lenovo Security Advisory: LEN-25667
Potential Impact: Information disclosure
Severity: Medium
Scope of Impact: Lenovo-specific
CVE Identifier: CVE-2019-6157
Summary Description:
In Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes the web server’s private key in the generated log file for support.
Mitigation Strategy for Customers (what you should do to protect yourself):
Upgrade to the firmware version (or newer) indicated for your model in the Product Impact section below.