Headline
CVE-2023-4608: Lenovo XClarity Controller (XCC) Vulnerabilities - Lenovo Support US
An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command.
This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
About Lenovo
- Our Company
- News
- Investor Relations
- Sustainability
- Product Compliance
- Product Security
- Lenovo Open Source
- Legal Information
- Jobs at Lenovo
Shop
- Laptops & Ultrabooks
- Tablets
- Desktops & All-in-Ones
- Workstations
- Accessories & Software
- Servers
- Storage
- Networking
- Laptop Deals
- Outlet
Support
- Drivers & Software
- How To’s
- Warranty Lookup
- Parts Lookup
- Contact Us
- Repair Status Check
- Imaging & Security Resources
- Glossary
Resources
- Where to Buy
- Shopping Help
- Track Order Status
- Product Specifications (PSREF)
- Forums
- Registration
- Product Accessibility
- Environmental Information
- Gaming Community
- LenovoEDU Community
- LenovoPRO Community
© Lenovo.
| | | |