Vulnerability Details CVE-2023-2992
An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore access to the management web server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.5%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-2992
-
cpe:2.3:h:lenovo:nextscale_n1200_enclosure:-
-
cpe:2.3:h:lenovo:thinkagile_cp-cb-10:-
-
cpe:2.3:h:lenovo:thinkagile_cp-cb-10e:-
-
cpe:2.3:h:lenovo:thinkagile_hx_enclosure_certified_node:-
-
cpe:2.3:h:lenovo:thinkagile_vx_enclosure:-
-
cpe:2.3:h:lenovo:thinksystem_d2_enclosure:-
-
cpe:2.3:h:lenovo:thinksystem_da240_enclosure:-
-
cpe:2.3:h:lenovo:thinksystem_dw612_enclosure:-
-
cpe:2.3:o:lenovo:nextscale_n1200_enclosure_firmware:-
-
cpe:2.3:o:lenovo:nextscale_n1200_enclosure_firmware:fhet50b-2.90
-
cpe:2.3:o:lenovo:thinkagile_cp-cb-10_firmware:-
-
cpe:2.3:o:lenovo:thinkagile_cp-cb-10e_firmware:-
-
cpe:2.3:o:lenovo:thinkagile_hx_enclosure_certified_node_firmware:-
-
cpe:2.3:o:lenovo:thinkagile_hx_enclosure_certified_node_firmware:tesm28b-1.21
-
cpe:2.3:o:lenovo:thinkagile_vx_enclosure_firmware:-
-
cpe:2.3:o:lenovo:thinkagile_vx_enclosure_firmware:tesm28b-1.21
-
cpe:2.3:o:lenovo:thinksystem_d2_enclosure_firmware:-
-
cpe:2.3:o:lenovo:thinksystem_d2_enclosure_firmware:tesm28b-1.21
-
cpe:2.3:o:lenovo:thinksystem_da240_enclosure_firmware:-
-
cpe:2.3:o:lenovo:thinksystem_dw612_enclosure_firmware:-