CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-7336

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow the signature check of an update to be bypassed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://support.lenovo.com/us/en/product_security/lsu_privilege
https://support.lenovo.com/us/en/product_security/lsu_privilege

Products affected by CVE-2015-7336

Lenovo » System Update » Version: N/A

cpe:2.3:a:lenovo:system_update:-
Lenovo » System Update » Version: 5.06.0027

cpe:2.3:a:lenovo:system_update:5.06.0027
Lenovo » System Update » Version: 5.06.0034

cpe:2.3:a:lenovo:system_update:5.06.0034
Lenovo » System Update » Version: 5.06.0043

cpe:2.3:a:lenovo:system_update:5.06.0043
Lenovo » System Update » Version: 5.07.0008

cpe:2.3:a:lenovo:system_update:5.07.0008

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-7336

Products

Pricing

Contact Us