11 matches found
EUVD-2021-26745
Malware in sbrugna...
CVE-2020-8356
An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in clear text. Affected logs are captured in the First Failure Data Capture FFDC service log. The FFDC...
CVE-2021-3417
An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials for Lenovo XClarity Administrator LXCA, if added as a Resource Manager, are encoded then written to an internal LXCO log file each time a session is established with LXCA. Affected logs are captured in...
CVE-2020-8356
An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in clear text. Affected logs are captured in the First Failure Data Capture FFDC service log. The FFDC...
Design/Logic Flaw
An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in clear text. Affected logs are captured in the First Failure Data Capture FFDC service log. The FFDC...
Design/Logic Flaw
An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials for Lenovo XClarity Administrator LXCA, if added as a Resource Manager, are encoded then written to an internal LXCO log file each time a session is established with LXCA. Affected logs are captured in...
CVE-2021-3417
An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials for Lenovo XClarity Administrator LXCA, if added as a Resource Manager, are encoded then written to an internal LXCO log file each time a session is established with LXCA. Affected logs are captured in...
CVE-2021-3417
Lenovo XClarity Orchestrator (LXCO) prior to 1.2.2 stores LXCA credentials in internal logs: when LXCA is added as a Resource Manager, credentials are encoded and written to the FFDC/service log, which is only accessible to the privileged LXCO user who requested the file. No exploitation details ...
CVE-2020-8356
CVE-2020-8356 concerns Lenovo XClarity Orchestrator (LXCO) prior to version 1.2.2. The vulnerability arises because optional passwords for Syslog and SMTP forwarders are written in clear text to an internal LXCO log file; affected logs are captured in the FFDC service log. The FFDC log is generat...
CVE-2020-8356
An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in clear text. Affected logs are captured in the First Failure Data Capture FFDC service log. The FFDC...
Lenovo XClarity Orchestrator (LXCO) Information Disclosure Vulnerabilities - Lenovo Support US
No description provided...