3 matches found
CVE-2018-9073
CVE-2018-9073 affects Lenovo Chassis Management Module (CMM) prior to firmware version 2.0.0, where a hard-coded encryption key protects sensitive secrets. If an attacker already compromised the server, possession of this key can allow decryption of protected information. Connected sources confir...
CMM Security Concerns - Lenovo Support US
No description provided...
CMM Security Concerns - US
Lenovo Security Advisory: LEN-23806 Potential Impact: Information Disclosure; Hardcoded Encryption Key Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2018-9071, CVE-2018-9073 Summary: In a recent internal audit, Lenovo identified potential security vulnerabilities in the...