46 matches found
CVE-2016-8236
Reset to default settings may occur in Lenovo ThinkServer TSM RD350, RD450, RD550, RD650, TD350 during a prolonged broadcast storm in TSM versions earlier than 3.77...
CVE-2016-8236
The CVE-2016-8236 issue affects Lenovo ThinkServer systems with ThinkServer System Manager (TSM): RD350, RD450, RD550, RD650, and TD350. A prolonged broadcast storm on the local LAN can trigger a watchdog-driven reset to defaults, setting the TSM username/password to defaults and wiping configura...
Inherent Risks of Using the Intelligent Platform Management Interface (IPMI) on the Lenovo System x Integrated Management Module (IMM), Integrated Management Module II (IMM2) and ThinkServer TSM - us
Lenovo Security Advisory: LEN-10617 Potential Impact: Access to systems through IPMI if default settings are not changed Severity: High Scope of Impact: Industry-Wide CVE Identifiers: CVE-2013-4037, CVE-2013-4031 Summary Description: Various risks with the industry-standard Intelligent Platform...
Lenovo Notebook and ThinkServer Local Elevation of Privilege Vulnerability
Lenovo Notebook and ThinkServer are both products of the Chinese company Lenovo. The former is a line of laptops and the latter is a line of servers. A local elevation of privilege vulnerability exists in the Lenovo Notebook and ThinkServer systems. An attacker could exploit this vulnerability to...
Privilege escalation
A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine ME protections. This could result in a denial of service or privilege escalation attack...
Intel Management Engine protection not set on some Lenovo Notebook and ThinkServer systems - Lenovo Support US
No description provided...
Design/Logic Flaw
The BIOS for Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, M6600t/s, M73p, M800, M83, M8500t/s, M8600t/s, M900, M93, and M93P devices; ThinkServer RQ940, RS140, TS140, TS240, TS440, and TS540 devices; and ThinkStation E32, P300, and P310 devices might allow local users or physically proximate...
Multiple ThinkServer System Manager (TSM) *50-series Security Weaknesses
Lenovo Security Advisory: LEN-2015-024 Potential Impact: Unauthorized Access; Escalation of Privilege; Denial of Service; Man-in-the-Middle MitM Attack Severity: High Summary: Multiple security weaknesses were discovered in the ThinkServer System Manager TSM Baseboard Management Controller for th...
ThinkServer *50-series BIOS Password Encryption Weakness
Lenovo Security Advisory: LEN-2015-018 Potential Impact: Password Disclosure Severity: Low Summary: The ThinkServer 50-series of servers store user and administrator BIOS passwords using a legacy, proprietary form of encryption. This issue was found during an internal security review and correcte...
Multiple ThinkServer System Manager (TSM) *50-series Security Weaknesses - Lenovo Support US
No description provided...
ThinkServer *50-series BIOS Password Encryption Weakness - Lenovo Support US
No description provided...
Multiple vulnerabilities in multiple Lenovo ThinkServer product servers
Lenovo ThinkServer RD350, RD450, RD550, RD650 and TD350 are rackmount server products from Lenovo, China. A weak encryption storage user and administrator BIOS password vulnerability exists in multiple Lenovo ThinkServer product servers. An attacker could exploit this vulnerability to crack the...
Multiple Lenovo ThinkServer Products ThinkServer System Manager Baseboard Management Controller Encryption Issue Vulnerability
Lenovo ThinkServer System Manager TSM Baseboard Management Controller BMC for ThinkServer RD350, etc. is a controller from Lenovo, China, embedded in the hardware devices of ThinkServer RD350, etc. for managing and monitoring server status. Lenovo's Baseboard Management Controller BMC for...
Multiple Lenovo ThinkServer Products ThinkServer System Manager Baseboard Management Controller Denial of Service Vulnerability
Lenovo ThinkServer System Manager TSM Baseboard Management Controller BMC for ThinkServer RD350, etc. is a controller from Lenovo, China, embedded in the hardware devices of ThinkServer RD350, etc. for managing and monitoring server status. Lenovo's Baseboard Management Controller BMC for...
CVE-2015-3324
The ThinkServer System Manager TSM Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an "encrypted remote KVM session," which allows man-in-the-middle attackers to spoof servers...
CVE-2015-3323
The ThinkServer System Manager TSM Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 allows remote attackers to cause a denial of service web interface crash via a malformed HTTP request during authentication...
CVE-2015-3322
Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store 1 user and 2 administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors...
Design/Logic Flaw
Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store 1 user and 2 administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors...
Authentication flaw
The ThinkServer System Manager TSM Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 allows remote attackers to cause a denial of service web interface crash via a malformed HTTP request during authentication...
Code injection
The ThinkServer System Manager TSM Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an "encrypted remote KVM session," which allows man-in-the-middle attackers to spoof servers...