Product:

Thinksystem_sr655_v3_firmware

(Lenovo)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 3
Date Id Summary Products Score Patch Annotated
2023-10-25 CVE-2023-4606 An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command.   This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected. Thinkagile_hx1331_firmware, Thinkagile_hx2330_firmware, Thinkagile_hx2331_firmware, Thinkagile_hx3330_firmware, Thinkagile_hx3331_firmware, Thinkagile_hx3375_firmware, Thinkagile_hx3376_firmware, Thinkagile_hx5530_firmware, Thinkagile_hx5531_firmware, Thinkagile_hx7530_firmware, Thinkagile_hx7531_firmware, Thinkagile_mx3330\-F_all\-Flash_firmware, Thinkagile_mx3330\-H_hybrid_firmware, Thinkagile_mx3331\-F_all\-Flash_firmware, Thinkagile_mx3331\-H_hybrid_firmware, Thinkagile_mx3530\-H_hybrid_firmware, Thinkagile_mx3530_f_all_flash_firmware, Thinkagile_mx3531\-F_all\-Flash_firmware, Thinkagile_mx3531_h_hybrid_firmware, Thinkagile_vx2330_firmware, Thinkagile_vx3330_firmware, Thinkagile_vx3331_firmware, Thinkagile_vx3530\-G_firmware, Thinkagile_vx5530_firmware, Thinkagile_vx7330_firmware, Thinkagile_vx7530_firmware, Thinkagile_vx7531_firmware, Thinksystem_sd630_v2_firmware, Thinksystem_sd650\-N_v2_firmware, Thinksystem_sd650_v2_firmware, Thinksystem_sd650_v3_firmware, Thinksystem_sd665_v3_firmware, Thinksystem_sn550_v2_firmware, Thinksystem_sr250_firmware, Thinksystem_sr258_v2_firmware, Thinksystem_sr630_v2_firmware, Thinksystem_sr630_v3_firmware, Thinksystem_sr635_v3_firmware, Thinksystem_sr645_firmware, Thinksystem_sr645_v3_firmware, Thinksystem_sr650_v2_firmware, Thinksystem_sr650_v3_firmware, Thinksystem_sr655_v3_firmware, Thinksystem_sr665_firmware, Thinksystem_sr665_v3_firmware, Thinksystem_sr670_firmware, Thinksystem_sr670_v2_firmware, Thinksystem_sr675_v3_firmware, Thinksystem_sr850_v2_firmware, Thinksystem_sr850_v3_firmware, Thinksystem_sr860_v2_firmware, Thinksystem_sr860_v3_firmware, Thinksystem_st250_v2_firmware, Thinksystem_st258_v2_firmware, Thinksystem_st650_v2_firmware, Thinksystem_st650_v3_firmware, Thinksystem_st658_v2_firmware, Thinksystem_st658_v3_firmware 8.1
2023-10-25 CVE-2023-4607 An authenticated XCC user can change permissions for any user through a crafted API command. Thinkagile_hx1021_edg_firmware, Thinkagile_hx1320_firmware, Thinkagile_hx1321_firmware, Thinkagile_hx1331_firmware, Thinkagile_hx1520\-R_firmware, Thinkagile_hx1521\-R_firmware, Thinkagile_hx2320\-E_firmware, Thinkagile_hx2321_firmware, Thinkagile_hx2330_firmware, Thinkagile_hx2331_firmware, Thinkagile_hx2720\-E_firmware, Thinkagile_hx3320_firmware, Thinkagile_hx3321_firmware, Thinkagile_hx3330_firmware, Thinkagile_hx3331_firmware, Thinkagile_hx3375_firmware, Thinkagile_hx3376_firmware, Thinkagile_hx3520\-G_firmware, Thinkagile_hx3521\-G_firmware, Thinkagile_hx3720_firmware, Thinkagile_hx3721_firmware, Thinkagile_hx5520\-C_firmware, Thinkagile_hx5520_firmware, Thinkagile_hx5521\-C_firmware, Thinkagile_hx5521_firmware, Thinkagile_hx5530_firmware, Thinkagile_hx5531_firmware, Thinkagile_hx7520_firmware, Thinkagile_hx7521_firmware, Thinkagile_hx7530_firmware, Thinkagile_hx7531_firmware, Thinkagile_hx7820_firmware, Thinkagile_hx7821_firmware, Thinkagile_hx_enclosure_firmware, Thinkagile_mx1021_on_se350_firmware, Thinkagile_mx3330\-F_all\-Flash_firmware, Thinkagile_mx3330\-H_hybrid_firmware, Thinkagile_mx3331\-F_all\-Flash_firmware, Thinkagile_mx3331\-H_hybrid_firmware, Thinkagile_mx3530\-H_hybrid_firmware, Thinkagile_mx3530_f_all_flash_firmware, Thinkagile_mx3531\-F_all\-Flash_firmware, Thinkagile_mx3531_h_hybrid_firmware, Thinkagile_mx630_v3_firmware, Thinkagile_mx630_v3_intergrated_system_firmware, Thinkagile_mx650_v3_firmware, Thinkagile_mx650_v3_intergrated_system_firmware, Thinkagile_mx_edge\-_mx1020__firmware, Thinkagile_vx1320_firmware, Thinkagile_vx2320_firmware, Thinkagile_vx2330_firmware, Thinkagile_vx3320_firmware, Thinkagile_vx3330_firmware, Thinkagile_vx3331_firmware, Thinkagile_vx3520\-G_firmware, Thinkagile_vx3530\-G_firmware, Thinkagile_vx3720_firmware, Thinkagile_vx5520_firmware, Thinkagile_vx5530_firmware, Thinkagile_vx7320_n_firmware, Thinkagile_vx7330_firmware, Thinkagile_vx7520_firmware, Thinkagile_vx7520_n_firmware, Thinkagile_vx7530_firmware, Thinkagile_vx7531_firmware, Thinkagile_vx7820_firmware, Thinkagile_vx_1se_firmware, Thinkagile_vx_2u4n_firmware, Thinkagile_vx_4u_firmware, Thinkedge_se450__firmware, Thinksystem_sd530_firmware, Thinksystem_sd630_v2_firmware, Thinksystem_sd650\-N_v2_firmware, Thinksystem_sd650_dual_node_tray_firmware, Thinksystem_sd650_dwc_dual_node_tray_firmware, Thinksystem_sd650_v2_firmware, Thinksystem_sd650_v3_firmware, Thinksystem_sd665_v3_firmware, Thinksystem_se350_firmware, Thinksystem_sn550_firmware, Thinksystem_sn550_v2_firmware, Thinksystem_sn850_firmware, Thinksystem_sr150_firmware, Thinksystem_sr158_firmware, Thinksystem_sr250_firmware, Thinksystem_sr258_firmware, Thinksystem_sr258_v2_firmware, Thinksystem_sr530_firmware, Thinksystem_sr550_firmware, Thinksystem_sr570_firmware, Thinksystem_sr590_firmware, Thinksystem_sr630_firmware, Thinksystem_sr630_v2_firmware, Thinksystem_sr630_v3_firmware, Thinksystem_sr635_v3_firmware, Thinksystem_sr645_firmware, Thinksystem_sr645_v3_firmware, Thinksystem_sr650_firmware, Thinksystem_sr650_v2_firmware, Thinksystem_sr650_v3_firmware, Thinksystem_sr655_v3_firmware, Thinksystem_sr665_firmware, Thinksystem_sr665_v3_firmware, Thinksystem_sr670_firmware, Thinksystem_sr670_v2_firmware, Thinksystem_sr675_v3_firmware, Thinksystem_sr850_firmware, Thinksystem_sr850_v2_firmware, Thinksystem_sr850_v3_firmware, Thinksystem_sr850p_firmware, Thinksystem_sr860_firmware, Thinksystem_sr860_v2_firmware, Thinksystem_sr860_v3_firmware, Thinksystem_sr950_firmware, Thinksystem_st250_firmware, Thinksystem_st250_v2_firmware, Thinksystem_st258_firmware, Thinksystem_st258_v2_firmware, Thinksystem_st550_firmware, Thinksystem_st650_v2_firmware, Thinksystem_st650_v3_firmware, Thinksystem_st658_v2_firmware, Thinksystem_st658_v3_firmware 8.8
2023-10-25 CVE-2023-4608 An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command.  This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected. Thinkagile_hx1331_firmware, Thinkagile_hx2330_firmware, Thinkagile_hx2331_firmware, Thinkagile_hx3330_firmware, Thinkagile_hx3331_firmware, Thinkagile_hx3375_firmware, Thinkagile_hx3376_firmware, Thinkagile_hx5530_firmware, Thinkagile_hx5531_firmware, Thinkagile_hx7530_firmware, Thinkagile_hx7531_firmware, Thinkagile_mx3330\-F_all\-Flash_firmware, Thinkagile_mx3330\-H_hybrid_firmware, Thinkagile_mx3331\-F_all\-Flash_firmware, Thinkagile_mx3331\-H_hybrid_firmware, Thinkagile_mx3530\-H_hybrid_firmware, Thinkagile_mx3530_f_all_flash_firmware, Thinkagile_mx3531\-F_all\-Flash_firmware, Thinkagile_mx3531_h_hybrid_firmware, Thinkagile_vx2330_firmware, Thinkagile_vx3330_firmware, Thinkagile_vx3331_firmware, Thinkagile_vx3530\-G_firmware, Thinkagile_vx5530_firmware, Thinkagile_vx7330_firmware, Thinkagile_vx7530_firmware, Thinkagile_vx7531_firmware, Thinksystem_sd630_v2_firmware, Thinksystem_sd650\-N_v2_firmware, Thinksystem_sd650_v2_firmware, Thinksystem_sd650_v3_firmware, Thinksystem_sd665_v3_firmware, Thinksystem_sn550_v2_firmware, Thinksystem_sr250_firmware, Thinksystem_sr258_v2_firmware, Thinksystem_sr630_v2_firmware, Thinksystem_sr630_v3_firmware, Thinksystem_sr635_v3_firmware, Thinksystem_sr645_firmware, Thinksystem_sr645_v3_firmware, Thinksystem_sr650_v2_firmware, Thinksystem_sr650_v3_firmware, Thinksystem_sr655_v3_firmware, Thinksystem_sr665_firmware, Thinksystem_sr665_v3_firmware, Thinksystem_sr670_firmware, Thinksystem_sr670_v2_firmware, Thinksystem_sr675_v3_firmware, Thinksystem_sr850_v2_firmware, Thinksystem_sr850_v3_firmware, Thinksystem_sr860_v2_firmware, Thinksystem_sr860_v3_firmware, Thinksystem_st250_v2_firmware, Thinksystem_st258_v2_firmware, Thinksystem_st650_v2_firmware, Thinksystem_st650_v3_firmware, Thinksystem_st658_v2_firmware, Thinksystem_st658_v3_firmware 7.2