Lucene search

[email protected]NVD:CVE-2016-5247

HistorySep 22, 2016 - 3:59 p.m.

CVE-2016-5247

2016-09-2215:59:00

CWE-254

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

Percentile

5.1%

JSON

The BIOS for Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, M6600t/s, M73p, M800, M83, M8500t/s, M8600t/s, M900, M93, and M93P devices; ThinkServer RQ940, RS140, TS140, TS240, TS440, and TS540 devices; and ThinkStation E32, P300, and P310 devices might allow local users or physically proximate attackers to bypass the Secure Boot protection mechanism by leveraging an AMI test key.

Affected configurations

Nvd

Node

lenovobiosMatch-

AND

lenovothinkcentre_e93Match-

lenovothinkcentre_m6500t\/sMatch-

lenovothinkcentre_m6600Match-

lenovothinkcentre_m6600qMatch-

lenovothinkcentre_m6600t\/sMatch-

lenovothinkcentre_m73pMatch-

lenovothinkcentre_m800Match-

lenovothinkcentre_m83Match-

lenovothinkcentre_m8500t\/sMatch-

lenovothinkcentre_m8600t\/sMatch-

lenovothinkcentre_m900Match-

lenovothinkcentre_m93Match-

lenovothinkcentre_m93pMatch-

lenovothinkserver_rq940Match-

lenovothinkserver_rs140Match-

lenovothinkserver_ts140Match-

lenovothinkserver_ts240Match-

lenovothinkserver_ts440Match-

lenovothinkserver_ts540Match-

lenovothinkstation_e32Match-

lenovothinkstation_p300Match-

lenovothinkstation_p310Match-

VendorProductVersionCPE
lenovobios-cpe:2.3:o:lenovo:bios:-:*:*:*:*:*:*:*
lenovothinkcentre_e93-cpe:2.3:h:lenovo:thinkcentre_e93:-:*:*:*:*:*:*:*
lenovothinkcentre_m6500t\/s-cpe:2.3:h:lenovo:thinkcentre_m6500t\/s:-:*:*:*:*:*:*:*
lenovothinkcentre_m6600-cpe:2.3:h:lenovo:thinkcentre_m6600:-:*:*:*:*:*:*:*
lenovothinkcentre_m6600q-cpe:2.3:h:lenovo:thinkcentre_m6600q:-:*:*:*:*:*:*:*
lenovothinkcentre_m6600t\/s-cpe:2.3:h:lenovo:thinkcentre_m6600t\/s:-:*:*:*:*:*:*:*
lenovothinkcentre_m73p-cpe:2.3:h:lenovo:thinkcentre_m73p:-:*:*:*:*:*:*:*
lenovothinkcentre_m800-cpe:2.3:h:lenovo:thinkcentre_m800:-:*:*:*:*:*:*:*
lenovothinkcentre_m83-cpe:2.3:h:lenovo:thinkcentre_m83:-:*:*:*:*:*:*:*
lenovothinkcentre_m8500t\/s-cpe:2.3:h:lenovo:thinkcentre_m8500t\/s:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
lenovo	bios	-	cpe:2.3:o:lenovo:bios:-:::::::*
lenovo	thinkcentre_e93	-	cpe:2.3:h:lenovo:thinkcentre_e93:-:::::::*
lenovo	thinkcentre_m6500t\/s	-	cpe:2.3:h:lenovo:thinkcentre_m6500t\/s:-:::::::*
lenovo	thinkcentre_m6600	-	cpe:2.3:h:lenovo:thinkcentre_m6600:-:::::::*
lenovo	thinkcentre_m6600q	-	cpe:2.3:h:lenovo:thinkcentre_m6600q:-:::::::*
lenovo	thinkcentre_m6600t\/s	-	cpe:2.3:h:lenovo:thinkcentre_m6600t\/s:-:::::::*
lenovo	thinkcentre_m73p	-	cpe:2.3:h:lenovo:thinkcentre_m73p:-:::::::*
lenovo	thinkcentre_m800	-	cpe:2.3:h:lenovo:thinkcentre_m800:-:::::::*
lenovo	thinkcentre_m83	-	cpe:2.3:h:lenovo:thinkcentre_m83:-:::::::*
lenovo	thinkcentre_m8500t\/s	-	cpe:2.3:h:lenovo:thinkcentre_m8500t\/s:-:::::::*

Rows per page:

1-10 of 231

References

www.securityfocus.com/bid/92661

support.lenovo.com/product_security/PS500067

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2016-5247

prion1 cvelist1 cve1 lenovo1