CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-9083

In System Management Module (SMM) versions prior to 1.06, the SMM contains weak default root credentials which could be used to log in to the device OS -- if the attacker manages to enable SSH or Telnet connections via some other vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.3%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 9.3

References

Products affected by CVE-2018-9083

Lenovo » Thinkagile Hx Enclosure 7x81 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7x81:-
Lenovo » Thinkagile Hx Enclosure 7y87 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7y87:-
Lenovo » Thinkagile Hx Enclosure 7z02 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7z02:-
Lenovo » Thinkagile Vx Enclosure 7y11 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_vx_enclosure_7y11:-
Lenovo » Thinkagile Vx Enclosure 7y91 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_vx_enclosure_7y91:-
Lenovo » Thinksystem D2 Enclosure 7x20 » Version: N/A

cpe:2.3:h:lenovo:thinksystem_d2_enclosure_7x20:-
Lenovo » Thinksystem Modular Enclosure 7x22 » Version: N/A

cpe:2.3:h:lenovo:thinksystem_modular_enclosure_7x22:-
Lenovo » System Management Module Firmware » Version: 1.05

cpe:2.3:o:lenovo:system_management_module_firmware:1.05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-9083

Products

Pricing

Contact Us