Shodan
Vulnerabilities
Vulnerable Software
Lenovo:  Security Vulnerabilities
CVE-2019-6160
A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-07-16
CVE-2019-6163
A denial of service vulnerability was reported in Lenovo System Update before version 5.07.0084 that could allow service log files to be written to non-standard locations.
CVSS Score
5.5
EPSS Score
0.003
Published
2019-06-26
CVE-2019-6166
A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow cross-site request forgery.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-06-26
CVE-2019-6167
A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow remote code execution.
CVSS Score
8.8
EPSS Score
0.013
Published
2019-06-26
CVE-2019-6168
A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow remote code execution.
CVSS Score
8.8
EPSS Score
0.013
Published
2019-06-26
CVE-2019-6169
A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow unencrypted downloads over FTP.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-06-26
CVE-2019-0130
Reflected XSS in web interface for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an unauthenticated user to potentially enable denial of service via network access.
CVSS Score
7.4
EPSS Score
0.009
Published
2019-06-13
CVE-2019-0164
Improper permissions in the installer for Intel(R) Turbo Boost Max Technology 3.0 driver version 1.0.0.1035 and before may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
7.3
EPSS Score
0.001
Published
2019-06-13
CVE-2019-6158
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text. This only affects LXCA when HTTP proxy credentials have been configured. This affects LXCA versions 2.0.0 to 2.3.x.
CVSS Score
8.7
EPSS Score
0.003
Published
2019-05-03
CVE-2019-6157
In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes the web server's private key in the generated log file for support.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-04-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved