CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-3765

In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when performing local authentication under specific circumstances. If exploited, admin-level access to the switch is granted.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.4%

CVSS Severity

CVSS v3 Score 7.0

CVSS v2 Score 6.2

References

Products affected by CVE-2017-3765

Ibm » 1g L2-7 Slb Switch For Bladecenter » Version: N/A

cpe:2.3:h:ibm:1g_l2-7_slb_switch_for_bladecenter:-
Ibm » Bladecenter 1 » Version: 10g_uplink_ethernet_switch_module

cpe:2.3:h:ibm:bladecenter_1:10g_uplink_ethernet_switch_module
Ibm » Bladecenter Layer 2/3 Copper Ethernet Switch Module » Version: N/A

cpe:2.3:h:ibm:bladecenter_layer_2/3_copper_ethernet_switch_module:-
Ibm » Bladecenter Virtual Fabric 10gb Switch Module » Version: N/A

cpe:2.3:h:ibm:bladecenter_virtual_fabric_10gb_switch_module:-
Ibm » Flex System En2092 1gb Ethernet Scalable Switch » Version: N/A

cpe:2.3:h:ibm:flex_system_en2092_1gb_ethernet_scalable_switch:-
Ibm » Flex System Fabric Cn4093 10gb Converged Scalable Switch » Version: N/A

cpe:2.3:h:ibm:flex_system_fabric_cn4093_10gb_converged_scalable_switch:-
Ibm » Flex System Fabric En4093/en4093r 10gb Scalable Switch » Version: N/A

cpe:2.3:h:ibm:flex_system_fabric_en4093/en4093r_10gb_scalable_switch:-
Ibm » Flex System Fabric Si4093 10gb System Interconnect Module » Version: N/A

cpe:2.3:h:ibm:flex_system_fabric_si4093_10gb_system_interconnect_module:-
Ibm » Rackswitch G8052 » Version: N/A

cpe:2.3:h:ibm:rackswitch_g8052:-
Ibm » Rackswitch G8124 » Version: N/A

cpe:2.3:h:ibm:rackswitch_g8124:-
Ibm » Rackswitch G8124e » Version: N/A

cpe:2.3:h:ibm:rackswitch_g8124e:-
Ibm » Rackswitch G8264 » Version: N/A

cpe:2.3:h:ibm:rackswitch_g8264:-
Ibm » Rackswitch G8264cs » Version: N/A

cpe:2.3:h:ibm:rackswitch_g8264cs:-
Ibm » Rackswitch G8264t » Version: N/A

cpe:2.3:h:ibm:rackswitch_g8264t:-
Ibm » Rackswitch G8316 » Version: N/A

cpe:2.3:h:ibm:rackswitch_g8316:-
Ibm » Rackswitch G8332 » Version: N/A

cpe:2.3:h:ibm:rackswitch_g8332:-
Lenovo » Flex System Fabric Cn4093 10gb Converged Scalable Switch » Version: N/A

cpe:2.3:h:lenovo:flex_system_fabric_cn4093_10gb_converged_scalable_switch:-
Lenovo » Flex System Fabric En4093r 10gb Scalable Switch » Version: N/A

cpe:2.3:h:lenovo:flex_system_fabric_en4093r_10gb_scalable_switch:-
Lenovo » Flex System Fabric Si4093 10gb System Interconnect Module » Version: N/A

cpe:2.3:h:lenovo:flex_system_fabric_si4093_10gb_system_interconnect_module:-
Lenovo » Flex System Si4091 System Interconnect Module » Version: N/A

cpe:2.3:h:lenovo:flex_system_si4091_system_interconnect_module:-
Lenovo » Rackswitch G7028 » Version: N/A

cpe:2.3:h:lenovo:rackswitch_g7028:-
Lenovo » Rackswitch G7052 » Version: N/A

cpe:2.3:h:lenovo:rackswitch_g7052:-
Lenovo » Rackswitch G8052 » Version: N/A

cpe:2.3:h:lenovo:rackswitch_g8052:-
Lenovo » Rackswitch G8124e » Version: N/A

cpe:2.3:h:lenovo:rackswitch_g8124e:-
Lenovo » Rackswitch G8264 » Version: N/A

cpe:2.3:h:lenovo:rackswitch_g8264:-
Lenovo » Rackswitch G8264cs » Version: N/A

cpe:2.3:h:lenovo:rackswitch_g8264cs:-
Lenovo » Rackswitch G8272 » Version: N/A

cpe:2.3:h:lenovo:rackswitch_g8272:-
Lenovo » Rackswitch G8296 » Version: N/A

cpe:2.3:h:lenovo:rackswitch_g8296:-
Lenovo » Rackswitch G8332 » Version: N/A

cpe:2.3:h:lenovo:rackswitch_g8332:-
Lenovo » Enterprise Network Operating System » Version: 8.4.0.0

cpe:2.3:o:lenovo:enterprise_network_operating_system:8.4.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-3765

Products

Pricing

Contact Us