Authentication flaw

2018-11-1614:29:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.6%

JSON

Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows unauthenticated users to retrieve information related to the current authentication configuration settings. Exposed settings relate to password lengths, expiration, and lockout configuration.

CPENameOperatorVersion
chassis_management_module_firmwarelt2.0.0

CPE	Name	Operator	Version
	chassis_management_module_firmware	lt	2.0.0

References

support.lenovo.com/us/en/solutions/LEN-23806