Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-4608: Lenovo XClarity Controller (XCC) Vulnerabilities - Lenovo Support US

An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command.

This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.

CVE
#sql#vulnerability#lenovo#auth

About Lenovo

  • Our Company
  • News
  • Investor Relations
  • Sustainability
  • Product Compliance
  • Product Security
  • Lenovo Open Source
  • Legal Information
  • Jobs at Lenovo

Shop

  • Laptops & Ultrabooks
  • Tablets
  • Desktops & All-in-Ones
  • Workstations
  • Accessories & Software
  • Servers
  • Storage
  • Networking
  • Laptop Deals
  • Outlet

Support

  • Drivers & Software
  • How To’s
  • Warranty Lookup
  • Parts Lookup
  • Contact Us
  • Repair Status Check
  • Imaging & Security Resources
  • Glossary

Resources

  • Where to Buy
  • Shopping Help
  • Track Order Status
  • Product Specifications (PSREF)
  • Forums
  • Registration
  • Product Accessibility
  • Environmental Information
  • Gaming Community
  • LenovoEDU Community
  • LenovoPRO Community

© Lenovo.
| | | |

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907