CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-9084

In System Management Module (SMM) versions prior to 1.06, if an attacker manages to log in to the device OS, the validation of software updates can be circumvented.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.6%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

Products affected by CVE-2018-9084

Lenovo » Thinkagile Hx Enclosure 7x81 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7x81:-
Lenovo » Thinkagile Hx Enclosure 7y87 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7y87:-
Lenovo » Thinkagile Hx Enclosure 7z02 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7z02:-
Lenovo » Thinkagile Vx Enclosure 7y11 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_vx_enclosure_7y11:-
Lenovo » Thinkagile Vx Enclosure 7y91 » Version: N/A

cpe:2.3:h:lenovo:thinkagile_vx_enclosure_7y91:-
Lenovo » Thinksystem D2 Enclosure 7x20 » Version: N/A

cpe:2.3:h:lenovo:thinksystem_d2_enclosure_7x20:-
Lenovo » Thinksystem Modular Enclosure 7x22 » Version: N/A

cpe:2.3:h:lenovo:thinksystem_modular_enclosure_7x22:-
Lenovo » System Management Module Firmware » Version: 1.05

cpe:2.3:o:lenovo:system_management_module_firmware:1.05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-9084

Products

Pricing

Contact Us