5 matches found
CVE-2023-4607
An authenticated XCC user can change permissions for any user through a crafted API command...
Lenovo XClarity Controller Security Vulnerability
Lenovo XClarity Controller XCC is a server-embedded management engine from Lenovo China that is used to standardize and automate basic server management tasks. A security vulnerability exists in Lenovo XClarity Controller, which stems from the fact that an authenticated XCC user with read-only...
CVE-2023-4607
CVE-2023-4607 describes a vulnerability in Lenovo XClarity Controller (XCC): an authenticated XCC user can leverage a crafted API command to change the permissions of any user, effectively gaining elevated privileges. The issue is documented across multiple sources (Lenovo LEN-140960 reference; R...
CVE-2023-4607
An authenticated XCC user can change permissions for any user through a crafted API command...
CVE-2022-20791
A vulnerability in the database user privileges of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an authenticated, remote...