46 matches found
CVE-2015-3322
Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store 1 user and 2 administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors...
CVE-2015-3323
The ThinkServer System Manager TSM Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 allows remote attackers to cause a denial of service web interface crash via a malformed HTTP request during authentication...
CVE-2015-3324
The ThinkServer System Manager TSM Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an "encrypted remote KVM session," which allows man-in-the-middle attackers to spoof servers...
CVE-2015-3323
CVE-2015-3323 affects Lenovo ThinkServer System Manager (TSM) BMC in RD350, RD450, RD550, RD650 and TD350. The vulnerability is triggered by a malformed HTTP request during authentication, causing a denial of service by crashing the web interface. A fix is available in TSM firmware 1.27.73476 (an...
CVE-2015-3322
Lenovo ThinkServer RD350/RD450/RD550/RD650/TD350—before BIOS firmware 1.26.0, BIOS passwords (user and admin) are stored with a legacy, weak encryption. This could allow an attacker to decrypt passwords via unspecified vectors. Affected models require upgrading to BIOS firmware version 1.26.0 (or...
CVE-2015-3324
CVE-2015-3324 affects Lenovo ThinkServer System Manager (TSM) Baseboard Management Controller. The vulnerability is due to TSM firmware not validating server certificates during an encrypted remote KVM session, enabling man-in-the-middle attackers to spoof the server. Affected devices include Thi...