CVEDB API

In System Management Module (SMM) versions prior to 1.06, the SMM records hashed passwords to a debug log when user authentication fails.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.8%

CVSS Severity

CVSS v3 Score 5.9

CVSS v2 Score 4.3

References

Products affected by CVE-2018-16095

Lenovo » Thinkagile Hx Enclosure 7x81 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7x81:-
Lenovo » Thinkagile Hx Enclosure 7y87 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7y87:-
Lenovo » Thinkagile Hx Enclosure 7z02 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7z02:-
Lenovo » Thinkagile Vx Enclosure 7y11 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_vx_enclosure_7y11:-
Lenovo » Thinkagile Vx Enclosure 7y91 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_vx_enclosure_7y91:-
Lenovo » Thinksystem D2 Enclosure 7x20 » Version: N/A

cpe:2.3:h:lenovo:thinksystem_d2_enclosure_7x20:-
Lenovo » Thinksystem Modular Enclosure 7x22 » Version: N/A

cpe:2.3:h:lenovo:thinksystem_modular_enclosure_7x22:-
Lenovo » System Management Module Firmware » Version: 1.05

cpe:2.3:o:lenovo:system_management_module_firmware:1.05