4 matches found
CVE-2023-4607
An authenticated XCC user can change permissions for any user through a crafted API command...
Security Bulletin: Multiple Vulnerabilities in XCC affect IBM Cloud Pak System
Summary Multiple Vulnerabilities in XClarity Controller XCC affect IBM Cloud Pak System. XCC is used by Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities. Vulnerability Details CVEID:CVE-2023-4607 DESCRIPTION: Lenovo XClarity Controller XCC could allow a remote...
CVE-2023-4607
CVE-2023-4607 describes a vulnerability in Lenovo XClarity Controller (XCC): an authenticated XCC user can leverage a crafted API command to change the permissions of any user, effectively gaining elevated privileges. The issue is documented across multiple sources (Lenovo LEN-140960 reference; R...
Lenovo XClarity Controller (XCC) Vulnerabilities - Lenovo Support US
No description provided...