Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.9 views

CVE-2026-6282

A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move or access files belonging to other users on the same device...

8.6CVSS5.5AI score0.00391EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/05/20 12:0 a.m.7 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...

9CVSS5.9AI score0.00665EPSS
Exploits0References3
Lenovo
Lenovo
added 2022/08/15 4:17 p.m.3 views

Remote Support Authentication Vulnerability in IBM Spectrum Virtualize and Lenovo Storage V Series - Lenovo Support US

No description provided...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/07/21 12:0 a.m.7 views

The vulnerability of the implementation of the status tracking mechanism for the AutoSupport system allows a perpetrator to gain unauthorized access to protected information. This vulnerability is present in the Active IQ Unified Manager, a tool for managing system status and performance in storage systems. This vulnerability is also present in the microsoftware used in Lenovo ThinkSystem DM series storage systems.

The vulnerability of the AutoSupport system monitoring mechanism implemented in the Active IQ Unified Manager software for managing storage system status and performance, as well as in Lenovo ThinkSystem DM series storage systems, is related to insufficient protection of operational data...

3.7CVSS5.9AI score0.00509EPSS
Exploits0References4Affected Software12
ATTACKERKB
ATTACKERKB
added 2022/05/18 4:15 p.m.2 views

CVE-2021-42848

An information disclosure vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to retrieve device and networking details...

5.3CVSS6AI score0.00686EPSS
Exploits0References2
OSV
OSV
added 2022/05/18 4:15 p.m.5 views

CVE-2021-42850

A weak default administrator password for the web interface and serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical or local network access...

7.8CVSS5.8AI score0.00233EPSS
Exploits0References1
Rows per page
Query Builder