2 matches found
Security Bulletin: Multiple Vulnerabilities in Lenovo XCC affect IBM Cloud Pak System
Summary Multiple Vulnerabilities in Lenovo XCC affect IBM Cloud Pak System. Vulnerabilities were addressed in IBM Cloud Pak System v2.3.6.1. Vulnerability Details CVEID:CVE-2023-20599 DESCRIPTION: Improper register access control in ASP may allow a privileged attacker to perform unauthorized acce...
Authentication flaw
A read-only authentication bypass vulnerability was reported in the Third Quarter 2021 release of Lenovo XClarity Controller XCC firmware affecting XCC devices configured in LDAP Authentication Only Mode and using an LDAP server that supports “unauthenticated bind”, such as Microsoft Active...