Product:

Thinkstation_p920_firmware

(Lenovo)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 15
Date Id Summary Products Score Patch Annotated
2020-06-09 CVE-2020-8321 A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution. 130\-14ast_firmware, 130\-14ikb_firmware, 130\-15ast_firmware, 130\-15ikb_firmware, 320c\-15ikb_firmware, 330\-14igm_firmware, 330\-14ikb_firmware, 330\-14ikbr_firmware, 330\-15arr_firmware, 330\-15arr_touch_firmware, 330\-15ich_firmware, 330\-15igm_firmware, 330\-15ikb_firmware, 330\-15ikbr_firmware, 330\-15ikbr_touch_firmware, 330\-17ich_firmware, 330\-17ikb_firmware, 330\-17ikbr_firmware, 330c\-14ikb_firmware, 330c\-15ikb_firmware, 330c\-15ikbr_firmware, 340c\-15igm_firmware, 340c\-15ikb_firmware, 340c\-15iwl_firmware, 530s\-14arr_firmware, 530s\-14ikb_firmware, 530s\-14iwl_firmware, 530s\-15ikb_firmware, 530s\-15iwl_firmware, 720s\-13arr_firmware, 720s\-14ikbr_firmware, C340\-14api_firmware, C340\-14iml_firmware, C340\-14iwl_firmware, C340\-15iil_firmware, C340\-15iml_firmware, C340\-15iwl_firmware, D330\-10igm_firmware, D335\-10igm_firmware, E43\-80_kbl_firmware, E4\-14arr_firmware, Flex\-14iwl_firmware, Flex\-15iwl_firmware, Flex_6\-1470_firmware, Flex_6\-14arr_firmware, Flex_6\-14ikb_firmware, Ideapad_3_14_firmware, Ideapad_3_14iil05_firmware, Ideapad_3_15_firmware, Ideapad_3_15iil05_firmware, Ideapad_3_17iml05_firmware, Ideapad_5_15iil05_firmware, K43c\-80_firmware, L340\-15api_firmware, L340\-15api_touch_firmware, L340\-15irh_firmware, L340\-15iwl_touch_firmware, L340\-17api_firmware, L340\-17irh_firmware, L340\-17iwl_firmware, L3_15iml05_firmware, Legion_y530\-15ich\-1060_firmware, Legion_y530\-15ich_firmware, Legion_y540\-15_pg0_firmware, Legion_y540\-15irh_firmware, Legion_y540\-17_pg0_firmware, Legion_y540\-17irh_firmware, Legion_y545_firmware, Legion_y545_pg0_firmware, Legion_y7000_2019_firmware, Legion_y7000_pg0_firmware, Legion_y7000p\-1060_firmware, Legion_y7000p_2019_firmware, Legion_y7000p_pg0_firmware, Legion_y730\-15ich_firmware, Legion_y730\-17ich_firmware, Legion_y740\-15ichg_firmware, Legion_y740\-15irhg_firmware, Legion_y740\-17ichg_firmware, Legion_y740\-17irhg_firmware, Legion_y9000k_2019_firmware, Legion_y9000p_2019_firmware, Lenovo_e41\-25_firmware, Lenovo_v320\-17ikb_firmware, Lenovo_v720\-14ikb_firmware, Rescuer_y7000\(1060\)_firmware, Rescuer_y7000_firmware, Rescuer_y7000p\(1060\)_firmware, Rescuer_y7000p_firmware, S145\-14_firmware, S145\-14igm_firmware, S145\-14ikb_firmware, S145\-14iwl_firmware, S145\-15igm_firmware, S145\-15ikb_firmware, S145\-15iwl_firmware, S340\-13iml_firmware, S340\-14_firmware, S340\-14api_firmware, S340\-14iil_firmware, S340\-14iml_firmware, S340\-14iwl_firmware, S340\-14iwl_touch_firmware, S340\-15api_firmware, S340\-15iml_firmware, S340\-15iwl_firmware, S340\-15iwl_touch_firmware, S530\-13iml_firmware, S530\-13iwl_firmware, S540\-14api_firmware, S540\-14iml_firmware, S540\-14iwl_firmware, S540\-14iwl_touch_firmware, S540\-15iml_firmware, S540\-15iwl_firmware, S540\-15iwl_gtx_firmware, S550\-14iil_firmware, Thinkstation_p410_firmware, Thinkstation_p500_firmware, Thinkstation_p510_firmware, Thinkstation_p520_firmware, Thinkstation_p520c_firmware, Thinkstation_p700_firmware, Thinkstation_p710_firmware, Thinkstation_p720_firmware, Thinkstation_p900_firmware, Thinkstation_p910_firmware, Thinkstation_p920_firmware, V130\-14ast_firmware, V130\-14igm_firmware, V130\-14ikb_firmware, V130\-15ast_firmware, V145\-14ast_firmware, V145\-15ast_firmware, V320\-14ikb_firmware, V320\-15ikb_firmware, V320\-17ikbr_firmware, V330\-14arr_firmware, V330\-14ast_firmware, V330\-14igm_firmware, V330\-14isk_firmware, V330\-15ast_firmware, Wei5\-14ikb_firmware, Xiaoxin\-13iml_firmware, Xiaoxin\-14_2019iwl_firmware, Xiaoxin\-14igm_qc_2019_firmware, Xiaoxin\-14iwl_qc_2019_firmware, Xiaoxin\-15_2019iwl_firmware, Xiaoxin_air\-14iwl_2019_firmware, Xiaoxin_air\-15iwl_2019_firmware, Xiaoxin_air_13iwl_firmware, Xiaoxin_air_14arr_firmware, Xiaoxin_air_14ikbr_firmware, Xiaoxin_air_14iwl_firmware, Xiaoxin_air_15ikbr_firmware, Xiaoxin_air_15iwl_firmware, Xx\-14kb_qc_2019_firmware, Y7000_2019_1050_firmware, Yoga_530\-14arr_firmware, Yoga_530\-14ikb_firmware, Yoga_720\-12ikb_firmware, Yoga_730\-13ikb_firmware, Yoga_730\-13iwl_firmware, Yoga_730\-15ikb_firmware, Yoga_730\-15iwl_firmware, Yoga_c740\-14iml_firmware, Yoga_c740\-15iml_firmware, Yoga_c930\-13ikb_firmware, Yoga_c930_glass_firmware, Yoga_c940_firmware, Yoga_s740\-14iil_firmware, Zhaoyang_k42\-80_firmware 6.7
2021-11-12 CVE-2021-3519 A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password At Boot Device List" BIOS setting is Yes. Ideacentre_310s\-08igm_firmware, Ideacentre_3\-07imb05_firmware, Ideacentre_510a\-15arr_firmware, Ideacentre_510s\-07icb_firmware, Ideacentre_510s\-07ick_firmware, Ideacentre_5\-14imb05_firmware, Ideacentre_5\-14iob6_firmware, Ideacentre_c5\-14mb05_firmware, Ideacentre_creator_5\-14iob6_firmware, Ideacentre_g5\-14imb05_firmware, Ideacentre_gaming_5\-14iob6_firmware, Thinkcentre_e75_t\/s_firmware, Thinkcentre_m60e_tiny_firmware, Thinkcentre_m630e_firmware, Thinkcentre_m70a_firmware, Thinkcentre_m70a_gen_2_firmware, Thinkcentre_m70c_firmware, Thinkcentre_m70q_firmware, Thinkcentre_m70s_firmware, Thinkcentre_m70t_firmware, Thinkcentre_m710e_firmware, Thinkcentre_m710s_firmware, Thinkcentre_m710t_firmware, Thinkcentre_m720e_firmware, Thinkcentre_m75n_firmware, Thinkcentre_m75s_gen_2_firmware, Thinkcentre_m75t_gen_2_firmware, Thinkcentre_m80q_firmware, Thinkcentre_m80s_firmware, Thinkcentre_m80t_firmware, Thinkcentre_m810z_firmware, Thinkcentre_m820z_firmware, Thinkcentre_m90a_firmware, Thinkcentre_m90q_tiny_firmware, Thinkcentre_m90s_firmware, Thinkcentre_m90t_firmware, Thinkcentre_qt_b415_firmware, Thinkcentre_qt_m410_firmware, Thinkcentre_qt_m415_firmware, Thinkstation_p340_firmware, Thinkstation_p340_tiny_firmware, Thinkstation_p520_firmware, Thinkstation_p520c_firmware, Thinkstation_p720_firmware, Thinkstation_p920_firmware, V30a\-22iml_firmware, V330_firmware, V50a\-22imb_firmware, V50a\-24imb_firmware, V50s\-07imb_firmware, V50t\-13imb_firmware, V50t\-13imb_g2_firmware, V520_firmware, V520s_firmware, V530\-15arr_firmware, V530\-15icr_firmware, V530s\-07icb_firmware, V530s\-07icr_firmware, V55t\-15api_firmware 6.8
2023-01-30 CVE-2022-34884 A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of service. Thinkagile_hx1021_firmware, Thinkagile_hx1320_firmware, Thinkagile_hx1321_firmware, Thinkagile_hx1520\-R_firmware, Thinkagile_hx1521\-R_firmware, Thinkagile_hx2320\-E_firmware, Thinkagile_hx2321_firmware, Thinkagile_hx2720\-E_firmware, Thinkagile_hx3320_firmware, Thinkagile_hx3321_firmware, Thinkagile_hx3375_firmware, Thinkagile_hx3376_firmware, Thinkagile_hx3520\-G_firmware, Thinkagile_hx3521\-G_firmware, Thinkagile_hx3720_firmware, Thinkagile_hx3721_firmware, Thinkagile_hx5520\-C_firmware, Thinkagile_hx5520_firmware, Thinkagile_hx5521\-C_firmware, Thinkagile_hx5521_firmware, Thinkagile_hx7520_firmware, Thinkagile_hx7521_firmware, Thinkagile_hx7820_firmware, Thinkagile_hx7821_firmware, Thinkagile_hx_enclosure_certified_node_firmware, Thinkagile_mx1020_firmware, Thinkagile_mx1021_firmware, Thinkagile_mx3330\-F_firmware, Thinkagile_mx3330\-H_firmware, Thinkagile_mx3331\-F_firmware, Thinkagile_mx3331\-H_firmware, Thinkagile_mx3530\-H_firmware, Thinkagile_mx3530_f_firmware, Thinkagile_mx3531\-F_firmware, Thinkagile_mx3531_h_firmware, Thinkagile_vx1320_firmware, Thinkagile_vx2320_firmware, Thinkagile_vx2330_firmware, Thinkagile_vx3320_firmware, Thinkagile_vx3330_firmware, Thinkagile_vx3331_firmware, Thinkagile_vx3520\-G_firmware, Thinkagile_vx3530\-G_firmware, Thinkagile_vx3720_firmware, Thinkagile_vx5520_firmware, Thinkagile_vx5530_firmware, Thinkagile_vx7320_n_firmware, Thinkagile_vx7330_firmware, Thinkagile_vx7520_firmware, Thinkagile_vx7520_n_firmware, Thinkagile_vx7530_firmware, Thinkagile_vx7531_firmware, Thinkagile_vx7820_firmware, Thinkagile_vx_1se_certified_node_firmware, Thinkagile_vx_2u4n_firmware, Thinkagile_vx_4u_firmware, Thinkedge_se450_firmware, Thinkstation_p920_firmware, Thinksystem_sd530_firmware, Thinksystem_sd630_v2_firmware, Thinksystem_sd650\-N_v2_firmware, Thinksystem_sd650_dwc_firmware, Thinksystem_sd650_v2_firmware, Thinksystem_se350_firmware, Thinksystem_sn550_firmware, Thinksystem_sn550_v2_firmware, Thinksystem_sn850_firmware, Thinksystem_sr150_firmware, Thinksystem_sr158_firmware, Thinksystem_sr250_firmware, Thinksystem_sr250_v2_firmware, Thinksystem_sr258_firmware, Thinksystem_sr258_v2_firmware, Thinksystem_sr530_firmware, Thinksystem_sr550_firmware, Thinksystem_sr570_firmware, Thinksystem_sr590_firmware, Thinksystem_sr630_firmware, Thinksystem_sr630_v2_firmware, Thinksystem_sr645_firmware, Thinksystem_sr650_firmware, Thinksystem_sr650_v2_firmware, Thinksystem_sr665_firmware, Thinksystem_sr670_firmware, Thinksystem_sr670_v2_firmware, Thinksystem_sr850_firmware, Thinksystem_sr850_v2_firmware, Thinksystem_sr850p_firmware, Thinksystem_sr860_firmware, Thinksystem_sr860_v2_firmware, Thinksystem_sr950_firmware, Thinksystem_st250_firmware, Thinksystem_st250_v2_firmware, Thinksystem_st258_firmware, Thinksystem_st258_v2_firmware, Thinksystem_st550_firmware, Thinksystem_st650_v2_firmware, Thinksystem_st658_v2_firmware 6.5
2023-01-30 CVE-2022-34888 The Remote Mount feature can potentially be abused by valid, authenticated users to make connections to internal services that may not normally be accessible to users. Internal service access controls, as applicable, remain in effect. Thinkagile_hx1021_firmware, Thinkagile_hx1320_firmware, Thinkagile_hx1321_firmware, Thinkagile_hx1520\-R_firmware, Thinkagile_hx1521\-R_firmware, Thinkagile_hx2320\-E_firmware, Thinkagile_hx2321_firmware, Thinkagile_hx2720\-E_firmware, Thinkagile_hx3320_firmware, Thinkagile_hx3321_firmware, Thinkagile_hx3375_firmware, Thinkagile_hx3376_firmware, Thinkagile_hx3520\-G_firmware, Thinkagile_hx3521\-G_firmware, Thinkagile_hx3720_firmware, Thinkagile_hx3721_firmware, Thinkagile_hx5520\-C_firmware, Thinkagile_hx5520_firmware, Thinkagile_hx5521\-C_firmware, Thinkagile_hx5521_firmware, Thinkagile_hx7520_firmware, Thinkagile_hx7521_firmware, Thinkagile_hx7820_firmware, Thinkagile_hx7821_firmware, Thinkagile_hx_enclosure_certified_node_firmware, Thinkagile_mx1020_firmware, Thinkagile_mx1021_firmware, Thinkagile_mx3330\-F_firmware, Thinkagile_mx3330\-H_firmware, Thinkagile_mx3331\-F_firmware, Thinkagile_mx3331\-H_firmware, Thinkagile_mx3530\-H_firmware, Thinkagile_mx3530_f_firmware, Thinkagile_mx3531\-F_firmware, Thinkagile_mx3531_h_firmware, Thinkagile_vx1320_firmware, Thinkagile_vx2320_firmware, Thinkagile_vx2330_firmware, Thinkagile_vx3320_firmware, Thinkagile_vx3330_firmware, Thinkagile_vx3331_firmware, Thinkagile_vx3520\-G_firmware, Thinkagile_vx3530\-G_firmware, Thinkagile_vx3720_firmware, Thinkagile_vx5520_firmware, Thinkagile_vx5530_firmware, Thinkagile_vx7320_n_firmware, Thinkagile_vx7330_firmware, Thinkagile_vx7520_firmware, Thinkagile_vx7520_n_firmware, Thinkagile_vx7530_firmware, Thinkagile_vx7531_firmware, Thinkagile_vx7820_firmware, Thinkagile_vx_1se_certified_node_firmware, Thinkagile_vx_2u4n_firmware, Thinkagile_vx_4u_firmware, Thinkedge_se450_firmware, Thinkstation_p920_firmware, Thinksystem_sd530_firmware, Thinksystem_sd630_v2_firmware, Thinksystem_sd650\-N_v2_firmware, Thinksystem_sd650_dwc_firmware, Thinksystem_sd650_v2_firmware, Thinksystem_se350_firmware, Thinksystem_sn550_firmware, Thinksystem_sn550_v2_firmware, Thinksystem_sn850_firmware, Thinksystem_sr150_firmware, Thinksystem_sr158_firmware, Thinksystem_sr250_firmware, Thinksystem_sr250_v2_firmware, Thinksystem_sr258_firmware, Thinksystem_sr258_v2_firmware, Thinksystem_sr530_firmware, Thinksystem_sr550_firmware, Thinksystem_sr570_firmware, Thinksystem_sr590_firmware, Thinksystem_sr630_firmware, Thinksystem_sr630_v2_firmware, Thinksystem_sr645_firmware, Thinksystem_sr650_firmware, Thinksystem_sr650_v2_firmware, Thinksystem_sr665_firmware, Thinksystem_sr670_firmware, Thinksystem_sr670_v2_firmware, Thinksystem_sr850_firmware, Thinksystem_sr850_v2_firmware, Thinksystem_sr850p_firmware, Thinksystem_sr860_firmware, Thinksystem_sr860_v2_firmware, Thinksystem_sr950_firmware, Thinksystem_st250_firmware, Thinksystem_st250_v2_firmware, Thinksystem_st258_firmware, Thinksystem_st258_v2_firmware, Thinksystem_st550_firmware, Thinksystem_st650_v2_firmware, Thinksystem_st658_v2_firmware 4.3
2023-01-30 CVE-2022-40136 An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. Ideacentre_3\-07ada05_firmware, Ideacentre_3\-07imb05_firmware, Ideacentre_3_07iab7_firmware, Ideacentre_510\-15ick_firmware, Ideacentre_510a\-15arr_firmware, Ideacentre_510a\-15ick_firmware, Ideacentre_510s\-07icb_firmware, Ideacentre_510s\-07ick_firmware, Ideacentre_5\-14acn6_firmware, Ideacentre_5\-14are05_firmware, Ideacentre_5\-14imb05_firmware, Ideacentre_5\-14iob6_firmware, Ideacentre_5_14iab7_firmware, Ideacentre_720\-18apr_firmware, Ideacentre_a340\-22igm_firmware, Ideacentre_a340\-24igm_firmware, Ideacentre_c5\-14imb05_firmware, Ideacentre_creator_5\-14iob6_firmware, Ideacentre_g5\-14amr05_firmware, Ideacentre_g5\-14imb05_firmware, Ideacentre_gaming_5\-14acn6_firmware, Ideacentre_gaming_5\-14iob6_firmware, Ideacentre_gaming_5_17acn7_firmware, Ideacentre_gaming_5_17iab7_firmware, Ideacentre_t540\-15ama_g_firmware, Ideacentre_t540\-15ick_firmware, Legion_c530\-19icb_firmware, Legion_t530\-28apr_firmware, Legion_t530\-28icb_firmware, Legion_t5\-26iob6_firmware, Legion_t5\-28icb05_firmware, Legion_t7\-34imz5_firmware, Qitian_a815_firmware, Qt_b415_firmware, Qt_m410_firmware, Qt_m415_firmware, Stadia_ggp\-120_firmware, Thinkcentre_e75_t\/s_firmware, Thinkcentre_e96z_firmware, Thinkcentre_m60e_tiny_firmware, Thinkcentre_m610_firmware, Thinkcentre_m625q_firmware, Thinkcentre_m630e_firmware, Thinkcentre_m6600q_firmware, Thinkcentre_m6600s_firmware, Thinkcentre_m6600t_firmware, Thinkcentre_m70a_firmware, Thinkcentre_m70a_gen_2_firmware, Thinkcentre_m70c_firmware, Thinkcentre_m70q_firmware, Thinkcentre_m70q_gen_2_firmware, Thinkcentre_m70q_gen_3_firmware, Thinkcentre_m70s_firmware, Thinkcentre_m70s_gen_3_firmware, Thinkcentre_m70t_firmware, Thinkcentre_m70t_gen_3_firmware, Thinkcentre_m710e_firmware, Thinkcentre_m710q_firmware, Thinkcentre_m710s_firmware, Thinkcentre_m710t_firmware, Thinkcentre_m715q_firmware, Thinkcentre_m715t_firmware, Thinkcentre_m720e_firmware, Thinkcentre_m720q_firmware, Thinkcentre_m720s_firmware, Thinkcentre_m720t_firmware, Thinkcentre_m725s_firmware, Thinkcentre_m75n_firmware, Thinkcentre_m75q\-1_firmware, Thinkcentre_m75q_gen_2_firmware, Thinkcentre_m75s\-1_firmware, Thinkcentre_m75s_gen_2_firmware, Thinkcentre_m75t_gen_2_firmware, Thinkcentre_m800_firmware, Thinkcentre_m80q_firmware, Thinkcentre_m80s_firmware, Thinkcentre_m80t_firmware, Thinkcentre_m810z_firmware, Thinkcentre_m818z_firmware, Thinkcentre_m820z_firmware, Thinkcentre_m900_firmware, Thinkcentre_m900x_firmware, Thinkcentre_m90a_firmware, Thinkcentre_m90a_gen2_firmware, Thinkcentre_m90q_gen_2_firmware, Thinkcentre_m90q_tiny_firmware, Thinkcentre_m90s_firmware, Thinkcentre_m910q_firmware, Thinkcentre_m910s_firmware, Thinkcentre_m910t_firmware, Thinkcentre_m910x_firmware, Thinkcentre_m920q_firmware, Thinkcentre_m920s_firmware, Thinkcentre_m920t_firmware, Thinkcentre_m920x_firmware, Thinkcentre_neo_50s_gen_3_firmware, Thinkcentre_neo_50t_gen_3_firmware, Thinkedge_se30_firmware, Thinksmart_core_\&_controller_full_room_kit\:_microsoft_teams_rooms_firmware, Thinksmart_core_\&_controller_full_room_kit\:_zoom_rooms_firmware, Thinksmart_core_\&_controller_kit\:_microsoft_teams_rooms_firmware, Thinksmart_core_\&_controller_kit\:_zoom_rooms_firmware, Thinksmart_core_device\:_zoom_rooms_firmware, Thinksmart_core_device_for_logitech_firmware, Thinksmart_core_device_for_poly_firmware, Thinksmart_hub_teams_firmware, Thinksmart_hub_zoom_firmware, Thinkstation_p310_firmware, Thinkstation_p318_firmware, Thinkstation_p320_firmware, Thinkstation_p320_tiny_firmware, Thinkstation_p330_tiny_firmware, Thinkstation_p340_firmware, Thinkstation_p340_tiny_firmware, Thinkstation_p348_firmware, Thinkstation_p350_firmware, Thinkstation_p350_tiny_firmware, Thinkstation_p520_firmware, Thinkstation_p520c_firmware, Thinkstation_p620_firmware, Thinkstation_p720_firmware, Thinkstation_p920_firmware, Thinksystem_st50_firmware, Thinksystem_st58_firmware, V30a\-22iml_firmware, V30a\-24iml_firmware, V330\-20icb_firmware, V35s\-07ada_firmware, V50a\-22imb_firmware, V50a\-24imb_firmware, V50s\-07imb_firmware, V50t\-13imb_firmware, V50t\-13iob_g2_firmware, V520_firmware, V520s_firmware, V530\-15arr_firmware, V530\-15icb_firmware, V530\-15icr_firmware, V530\-22icb_firmware, V530\-24icb_firmware, V530s\-07icb_firmware, V530s\-07icr_firmware, V540\-24iwl_firmware, V55t\-15api_firmware, V55t\-15are_firmware, V55t_gen_2_13acn_firmware, Yangtian_afq150_firmware, Yoga_a940\-27icb_firmware, Yta8900f_firmware 4.4
2023-04-28 CVE-2023-29058 A valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass message through the XCC CLI. There is no exposure if SSH is disabled or if there are no users assigned optional read-only permissions. Thinkagile_hx1021_firmware, Thinkagile_hx1320_firmware, Thinkagile_hx1321_firmware, Thinkagile_hx1331_firmware, Thinkagile_hx1520\-R_firmware, Thinkagile_hx1521\-R_firmware, Thinkagile_hx2320\-E_firmware, Thinkagile_hx2321_firmware, Thinkagile_hx2330_firmware, Thinkagile_hx2331_firmware, Thinkagile_hx2720\-E_firmware, Thinkagile_hx3320_firmware, Thinkagile_hx3321_firmware, Thinkagile_hx3330_firmware, Thinkagile_hx3331_firmware, Thinkagile_hx3375_firmware, Thinkagile_hx3376_firmware, Thinkagile_hx3520\-G_firmware, Thinkagile_hx3521\-G_firmware, Thinkagile_hx3720_firmware, Thinkagile_hx3721_firmware, Thinkagile_hx5520\-C_firmware, Thinkagile_hx5520_firmware, Thinkagile_hx5521\-C_firmware, Thinkagile_hx5521_firmware, Thinkagile_hx5530_firmware, Thinkagile_hx5531_firmware, Thinkagile_hx7520_firmware, Thinkagile_hx7521_firmware, Thinkagile_hx7530_firmware, Thinkagile_hx7531_firmware, Thinkagile_hx7820_firmware, Thinkagile_hx7821_firmware, Thinkagile_hx_enclosure_firmware, Thinkagile_mx1020_firmware, Thinkagile_mx1021_on_se350_firmware, Thinkagile_mx3330\-F_firmware, Thinkagile_mx3330\-H_firmware, Thinkagile_mx3331\-F_firmware, Thinkagile_mx3331\-H_firmware, Thinkagile_mx3530\-H_firmware, Thinkagile_mx3530_f_firmware, Thinkagile_mx3531\-F_firmware, Thinkagile_mx3531_h_firmware, Thinkagile_vx1320_firmware, Thinkagile_vx2320_firmware, Thinkagile_vx2330_firmware, Thinkagile_vx3320_firmware, Thinkagile_vx3330_firmware, Thinkagile_vx3331_firmware, Thinkagile_vx3520\-G_firmware, Thinkagile_vx3530\-G_firmware, Thinkagile_vx3720_firmware, Thinkagile_vx5520_firmware, Thinkagile_vx5530_firmware, Thinkagile_vx7320_n_firmware, Thinkagile_vx7330_firmware, Thinkagile_vx7520_firmware, Thinkagile_vx7520_n_firmware, Thinkagile_vx7530_firmware, Thinkagile_vx7531_firmware, Thinkagile_vx7820_firmware, Thinkagile_vx_1se_firmware, Thinkagile_vx_2u4n_firmware, Thinkagile_vx_4u_firmware, Thinkedge_se450__firmware, Thinkstation_p920_firmware, Thinksystem_sd530_firmware, Thinksystem_sd630_v2_firmware, Thinksystem_sd650\-N_v2_firmware, Thinksystem_sd650_firmware, Thinksystem_sd650_v2_firmware, Thinksystem_se350_firmware, Thinksystem_sn550_firmware, Thinksystem_sn550_v2_firmware, Thinksystem_sn850_firmware, Thinksystem_sr150_firmware, Thinksystem_sr158_firmware, Thinksystem_sr250_firmware, Thinksystem_sr250_v2_firmware, Thinksystem_sr258_firmware, Thinksystem_sr258_v2_firmware, Thinksystem_sr530_firmware, Thinksystem_sr550_firmware, Thinksystem_sr570_firmware, Thinksystem_sr590_firmware, Thinksystem_sr630_firmware, Thinksystem_sr630_v2_firmware, Thinksystem_sr645_firmware, Thinksystem_sr645_v3_firmware, Thinksystem_sr650_firmware, Thinksystem_sr650_v2_firmware, Thinksystem_sr665_firmware, Thinksystem_sr665_v3_firmware, Thinksystem_sr670_firmware, Thinksystem_sr670_v2_firmware, Thinksystem_sr850_firmware, Thinksystem_sr850_v2_firmware, Thinksystem_sr850p_firmware, Thinksystem_sr860_firmware, Thinksystem_sr860_v2_firmware, Thinksystem_sr950_firmware, Thinksystem_st250_firmware, Thinksystem_st250_v2_firmware, Thinksystem_st258_firmware, Thinksystem_st258_v2_firmware, Thinksystem_st550_firmware, Thinksystem_st650_v2_firmware, Thinksystem_st658_v2_firmware 6.5
2023-04-28 CVE-2023-29057 A valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as “Local First, then LDAP”. Thinkagile_hx1021_firmware, Thinkagile_hx1320_firmware, Thinkagile_hx1321_firmware, Thinkagile_hx1331_firmware, Thinkagile_hx1520\-R_firmware, Thinkagile_hx1521\-R_firmware, Thinkagile_hx2320\-E_firmware, Thinkagile_hx2321_firmware, Thinkagile_hx2330_firmware, Thinkagile_hx2331_firmware, Thinkagile_hx2720\-E_firmware, Thinkagile_hx3320_firmware, Thinkagile_hx3321_firmware, Thinkagile_hx3330_firmware, Thinkagile_hx3331_firmware, Thinkagile_hx3375_firmware, Thinkagile_hx3376_firmware, Thinkagile_hx3520\-G_firmware, Thinkagile_hx3521\-G_firmware, Thinkagile_hx3720_firmware, Thinkagile_hx3721_firmware, Thinkagile_hx5520\-C_firmware, Thinkagile_hx5520_firmware, Thinkagile_hx5521\-C_firmware, Thinkagile_hx5521_firmware, Thinkagile_hx5530_firmware, Thinkagile_hx5531_firmware, Thinkagile_hx7520_firmware, Thinkagile_hx7521_firmware, Thinkagile_hx7530_firmware, Thinkagile_hx7531_firmware, Thinkagile_hx7820_firmware, Thinkagile_hx7821_firmware, Thinkagile_hx_enclosure_firmware, Thinkagile_mx1020_firmware, Thinkagile_mx1021_on_se350_firmware, Thinkagile_mx3330\-F_firmware, Thinkagile_mx3330\-H_firmware, Thinkagile_mx3331\-F_firmware, Thinkagile_mx3331\-H_firmware, Thinkagile_mx3530\-H_firmware, Thinkagile_mx3530_f_firmware, Thinkagile_mx3531\-F_firmware, Thinkagile_mx3531_h_firmware, Thinkagile_vx1320_firmware, Thinkagile_vx2320_firmware, Thinkagile_vx2330_firmware, Thinkagile_vx3320_firmware, Thinkagile_vx3330_firmware, Thinkagile_vx3331_firmware, Thinkagile_vx3520\-G_firmware, Thinkagile_vx3530\-G_firmware, Thinkagile_vx3720_firmware, Thinkagile_vx5520_firmware, Thinkagile_vx5530_firmware, Thinkagile_vx7320_n_firmware, Thinkagile_vx7330_firmware, Thinkagile_vx7520_firmware, Thinkagile_vx7520_n_firmware, Thinkagile_vx7530_firmware, Thinkagile_vx7531_firmware, Thinkagile_vx7820_firmware, Thinkagile_vx_1se_firmware, Thinkagile_vx_2u4n_firmware, Thinkagile_vx_4u_firmware, Thinkedge_se450__firmware, Thinkstation_p920_firmware, Thinksystem_sd530_firmware, Thinksystem_sd630_v2_firmware, Thinksystem_sd650\-N_v2_firmware, Thinksystem_sd650_firmware, Thinksystem_sd650_v2_firmware, Thinksystem_se350_firmware, Thinksystem_sn550_firmware, Thinksystem_sn550_v2_firmware, Thinksystem_sn850_firmware, Thinksystem_sr150_firmware, Thinksystem_sr158_firmware, Thinksystem_sr250_firmware, Thinksystem_sr250_v2_firmware, Thinksystem_sr258_firmware, Thinksystem_sr258_v2_firmware, Thinksystem_sr530_firmware, Thinksystem_sr550_firmware, Thinksystem_sr570_firmware, Thinksystem_sr590_firmware, Thinksystem_sr630_firmware, Thinksystem_sr630_v2_firmware, Thinksystem_sr645_firmware, Thinksystem_sr645_v3_firmware, Thinksystem_sr650_firmware, Thinksystem_sr650_v2_firmware, Thinksystem_sr665_firmware, Thinksystem_sr665_v3_firmware, Thinksystem_sr670_firmware, Thinksystem_sr670_v2_firmware, Thinksystem_sr850_firmware, Thinksystem_sr850_v2_firmware, Thinksystem_sr850p_firmware, Thinksystem_sr860_firmware, Thinksystem_sr860_v2_firmware, Thinksystem_sr950_firmware, Thinksystem_st250_firmware, Thinksystem_st250_v2_firmware, Thinksystem_st258_firmware, Thinksystem_st258_v2_firmware, Thinksystem_st550_firmware, Thinksystem_st650_v2_firmware, Thinksystem_st658_v2_firmware 8.8
2023-04-28 CVE-2023-29056 A valid LDAP user, under specific conditions, will default to read-only permissions when authenticating into XCC. To be vulnerable, XCC must be configured to use an LDAP server for Authentication/Authorization and have the login permission attribute not defined. Thinkagile_hx1021_firmware, Thinkagile_hx1320_firmware, Thinkagile_hx1321_firmware, Thinkagile_hx1331_firmware, Thinkagile_hx1520\-R_firmware, Thinkagile_hx1521\-R_firmware, Thinkagile_hx2320\-E_firmware, Thinkagile_hx2321_firmware, Thinkagile_hx2330_firmware, Thinkagile_hx2331_firmware, Thinkagile_hx2720\-E_firmware, Thinkagile_hx3320_firmware, Thinkagile_hx3321_firmware, Thinkagile_hx3330_firmware, Thinkagile_hx3331_firmware, Thinkagile_hx3375_firmware, Thinkagile_hx3376_firmware, Thinkagile_hx3520\-G_firmware, Thinkagile_hx3521\-G_firmware, Thinkagile_hx3720_firmware, Thinkagile_hx3721_firmware, Thinkagile_hx5520\-C_firmware, Thinkagile_hx5520_firmware, Thinkagile_hx5521\-C_firmware, Thinkagile_hx5521_firmware, Thinkagile_hx5530_firmware, Thinkagile_hx5531_firmware, Thinkagile_hx7520_firmware, Thinkagile_hx7521_firmware, Thinkagile_hx7530_firmware, Thinkagile_hx7531_firmware, Thinkagile_hx7820_firmware, Thinkagile_hx7821_firmware, Thinkagile_hx_enclosure_firmware, Thinkagile_mx1020_firmware, Thinkagile_mx1021_on_se350_firmware, Thinkagile_mx3330\-F_firmware, Thinkagile_mx3330\-H_firmware, Thinkagile_mx3331\-F_firmware, Thinkagile_mx3331\-H_firmware, Thinkagile_mx3530\-H_firmware, Thinkagile_mx3530_f_firmware, Thinkagile_mx3531\-F_firmware, Thinkagile_mx3531_h_firmware, Thinkagile_vx1320_firmware, Thinkagile_vx2320_firmware, Thinkagile_vx2330_firmware, Thinkagile_vx3320_firmware, Thinkagile_vx3330_firmware, Thinkagile_vx3331_firmware, Thinkagile_vx3520\-G_firmware, Thinkagile_vx3530\-G_firmware, Thinkagile_vx3720_firmware, Thinkagile_vx5520_firmware, Thinkagile_vx5530_firmware, Thinkagile_vx7320_n_firmware, Thinkagile_vx7330_firmware, Thinkagile_vx7520_firmware, Thinkagile_vx7520_n_firmware, Thinkagile_vx7530_firmware, Thinkagile_vx7531_firmware, Thinkagile_vx7820_firmware, Thinkagile_vx_1se_firmware, Thinkagile_vx_2u4n_firmware, Thinkagile_vx_4u_firmware, Thinkedge_se450__firmware, Thinkstation_p920_firmware, Thinksystem_sd530_firmware, Thinksystem_sd630_v2_firmware, Thinksystem_sd650\-N_v2_firmware, Thinksystem_sd650_firmware, Thinksystem_sd650_v2_firmware, Thinksystem_se350_firmware, Thinksystem_sn550_firmware, Thinksystem_sn550_v2_firmware, Thinksystem_sn850_firmware, Thinksystem_sr150_firmware, Thinksystem_sr158_firmware, Thinksystem_sr250_firmware, Thinksystem_sr250_v2_firmware, Thinksystem_sr258_firmware, Thinksystem_sr258_v2_firmware, Thinksystem_sr530_firmware, Thinksystem_sr550_firmware, Thinksystem_sr570_firmware, Thinksystem_sr590_firmware, Thinksystem_sr630_firmware, Thinksystem_sr630_v2_firmware, Thinksystem_sr645_firmware, Thinksystem_sr645_v3_firmware, Thinksystem_sr650_firmware, Thinksystem_sr650_v2_firmware, Thinksystem_sr665_firmware, Thinksystem_sr665_v3_firmware, Thinksystem_sr670_firmware, Thinksystem_sr670_v2_firmware, Thinksystem_sr850_firmware, Thinksystem_sr850_v2_firmware, Thinksystem_sr850p_firmware, Thinksystem_sr860_firmware, Thinksystem_sr860_v2_firmware, Thinksystem_sr950_firmware, Thinksystem_st250_firmware, Thinksystem_st250_v2_firmware, Thinksystem_st258_firmware, Thinksystem_st258_v2_firmware, Thinksystem_st550_firmware, Thinksystem_st650_v2_firmware, Thinksystem_st658_v2_firmware 5.9
2023-04-28 CVE-2023-25495 A valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password used by XCC to authenticate to an external LDAP server in certain configurations. There is no exposure where no LDAP client password is configured Thinkagile_hx1021_firmware, Thinkagile_hx1320_firmware, Thinkagile_hx1321_firmware, Thinkagile_hx1331_firmware, Thinkagile_hx1520\-R_firmware, Thinkagile_hx1521\-R_firmware, Thinkagile_hx2320\-E_firmware, Thinkagile_hx2321_firmware, Thinkagile_hx2330_firmware, Thinkagile_hx2331_firmware, Thinkagile_hx2720\-E_firmware, Thinkagile_hx3320_firmware, Thinkagile_hx3321_firmware, Thinkagile_hx3330_firmware, Thinkagile_hx3331_firmware, Thinkagile_hx3375_firmware, Thinkagile_hx3376_firmware, Thinkagile_hx3520\-G_firmware, Thinkagile_hx3521\-G_firmware, Thinkagile_hx3720_firmware, Thinkagile_hx3721_firmware, Thinkagile_hx5520\-C_firmware, Thinkagile_hx5520_firmware, Thinkagile_hx5521\-C_firmware, Thinkagile_hx5521_firmware, Thinkagile_hx5530_firmware, Thinkagile_hx5531_firmware, Thinkagile_hx7520_firmware, Thinkagile_hx7521_firmware, Thinkagile_hx7530_firmware, Thinkagile_hx7531_firmware, Thinkagile_hx7820_firmware, Thinkagile_hx7821_firmware, Thinkagile_hx_enclosure_firmware, Thinkagile_mx1020_firmware, Thinkagile_mx1021_on_se350_firmware, Thinkagile_mx3330\-F_firmware, Thinkagile_mx3330\-H_firmware, Thinkagile_mx3331\-F_firmware, Thinkagile_mx3331\-H_firmware, Thinkagile_mx3530\-H_firmware, Thinkagile_mx3530_f_firmware, Thinkagile_mx3531\-F_firmware, Thinkagile_mx3531_h_firmware, Thinkagile_vx1320_firmware, Thinkagile_vx2320_firmware, Thinkagile_vx2330_firmware, Thinkagile_vx3320_firmware, Thinkagile_vx3330_firmware, Thinkagile_vx3331_firmware, Thinkagile_vx3520\-G_firmware, Thinkagile_vx3530\-G_firmware, Thinkagile_vx3720_firmware, Thinkagile_vx5520_firmware, Thinkagile_vx5530_firmware, Thinkagile_vx7320_n_firmware, Thinkagile_vx7330_firmware, Thinkagile_vx7520_firmware, Thinkagile_vx7520_n_firmware, Thinkagile_vx7530_firmware, Thinkagile_vx7531_firmware, Thinkagile_vx7820_firmware, Thinkagile_vx_1se_firmware, Thinkagile_vx_2u4n_firmware, Thinkagile_vx_4u_firmware, Thinkedge_se450__firmware, Thinkstation_p920_firmware, Thinksystem_sd530_firmware, Thinksystem_sd630_v2_firmware, Thinksystem_sd650\-N_v2_firmware, Thinksystem_sd650_firmware, Thinksystem_sd650_v2_firmware, Thinksystem_se350_firmware, Thinksystem_sn550_firmware, Thinksystem_sn550_v2_firmware, Thinksystem_sn850_firmware, Thinksystem_sr150_firmware, Thinksystem_sr158_firmware, Thinksystem_sr250_firmware, Thinksystem_sr250_v2_firmware, Thinksystem_sr258_firmware, Thinksystem_sr258_v2_firmware, Thinksystem_sr530_firmware, Thinksystem_sr550_firmware, Thinksystem_sr570_firmware, Thinksystem_sr590_firmware, Thinksystem_sr630_firmware, Thinksystem_sr630_v2_firmware, Thinksystem_sr645_firmware, Thinksystem_sr645_v3_firmware, Thinksystem_sr650_firmware, Thinksystem_sr650_v2_firmware, Thinksystem_sr665_firmware, Thinksystem_sr665_v3_firmware, Thinksystem_sr670_firmware, Thinksystem_sr670_v2_firmware, Thinksystem_sr850_firmware, Thinksystem_sr850_v2_firmware, Thinksystem_sr850p_firmware, Thinksystem_sr860_firmware, Thinksystem_sr860_v2_firmware, Thinksystem_sr950_firmware, Thinksystem_st250_firmware, Thinksystem_st250_v2_firmware, Thinksystem_st258_firmware, Thinksystem_st258_v2_firmware, Thinksystem_st550_firmware, Thinksystem_st650_v2_firmware, Thinksystem_st658_v2_firmware 4.9
2023-05-01 CVE-2023-0683 A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call. Thinkagile_hx1021_firmware, Thinkagile_hx1320_firmware, Thinkagile_hx1321_firmware, Thinkagile_hx1331_firmware, Thinkagile_hx1520\-R_firmware, Thinkagile_hx1521\-R_firmware, Thinkagile_hx2320\-E_firmware, Thinkagile_hx2321_firmware, Thinkagile_hx2330_firmware, Thinkagile_hx2331_firmware, Thinkagile_hx2720\-E_firmware, Thinkagile_hx3320_firmware, Thinkagile_hx3321_firmware, Thinkagile_hx3330_firmware, Thinkagile_hx3331_firmware, Thinkagile_hx3375_firmware, Thinkagile_hx3376_firmware, Thinkagile_hx3520\-G_firmware, Thinkagile_hx3521\-G_firmware, Thinkagile_hx3720_firmware, Thinkagile_hx3721_firmware, Thinkagile_hx5520\-C_firmware, Thinkagile_hx5520_firmware, Thinkagile_hx5521\-C_firmware, Thinkagile_hx5521_firmware, Thinkagile_hx5530_firmware, Thinkagile_hx5531_firmware, Thinkagile_hx7520_firmware, Thinkagile_hx7521_firmware, Thinkagile_hx7530_firmware, Thinkagile_hx7531_firmware, Thinkagile_hx7820_firmware, Thinkagile_hx7821_firmware, Thinkagile_hx_enclosure_firmware, Thinkagile_mx1020_firmware, Thinkagile_mx1021_on_se350_firmware, Thinkagile_mx3330\-F_firmware, Thinkagile_mx3330\-H_firmware, Thinkagile_mx3331\-F_firmware, Thinkagile_mx3331\-H_firmware, Thinkagile_mx3530\-H_firmware, Thinkagile_mx3530_f_firmware, Thinkagile_mx3531\-F_firmware, Thinkagile_mx3531_h_firmware, Thinkagile_vx1320_firmware, Thinkagile_vx2320_firmware, Thinkagile_vx2330_firmware, Thinkagile_vx3320_firmware, Thinkagile_vx3330_firmware, Thinkagile_vx3331_firmware, Thinkagile_vx3520\-G_firmware, Thinkagile_vx3530\-G_firmware, Thinkagile_vx3720_firmware, Thinkagile_vx5520_firmware, Thinkagile_vx5530_firmware, Thinkagile_vx7320_n_firmware, Thinkagile_vx7330_firmware, Thinkagile_vx7520_firmware, Thinkagile_vx7520_n_firmware, Thinkagile_vx7530_firmware, Thinkagile_vx7531_firmware, Thinkagile_vx7820_firmware, Thinkagile_vx_1se_firmware, Thinkagile_vx_2u4n_firmware, Thinkagile_vx_4u_firmware, Thinkedge_se450__firmware, Thinkstation_p920_firmware, Thinksystem_sd530_firmware, Thinksystem_sd630_v2_firmware, Thinksystem_sd650\-N_v2_firmware, Thinksystem_sd650_firmware, Thinksystem_sd650_v2_firmware, Thinksystem_se350_firmware, Thinksystem_sn550_firmware, Thinksystem_sn550_v2_firmware, Thinksystem_sn850_firmware, Thinksystem_sr150_firmware, Thinksystem_sr158_firmware, Thinksystem_sr250_firmware, Thinksystem_sr250_v2_firmware, Thinksystem_sr258_firmware, Thinksystem_sr258_v2_firmware, Thinksystem_sr530_firmware, Thinksystem_sr550_firmware, Thinksystem_sr570_firmware, Thinksystem_sr590_firmware, Thinksystem_sr630_firmware, Thinksystem_sr630_v2_firmware, Thinksystem_sr645_firmware, Thinksystem_sr645_v3_firmware, Thinksystem_sr650_firmware, Thinksystem_sr650_v2_firmware, Thinksystem_sr665_firmware, Thinksystem_sr665_v3_firmware, Thinksystem_sr670_firmware, Thinksystem_sr670_v2_firmware, Thinksystem_sr850_firmware, Thinksystem_sr850_v2_firmware, Thinksystem_sr850p_firmware, Thinksystem_sr860_firmware, Thinksystem_sr860_v2_firmware, Thinksystem_sr950_firmware, Thinksystem_st250_firmware, Thinksystem_st250_v2_firmware, Thinksystem_st258_firmware, Thinksystem_st258_v2_firmware, Thinksystem_st550_firmware, Thinksystem_st650_v2_firmware, Thinksystem_st658_v2_firmware 8.8