Lenovo: >> Thinkserver Td350 Firmware >> 1.25.0 Security Vulnerabilities
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
CVSS Score
9.8
EPSS Score
0.012
Published
2018-04-23
Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.001
Published
2015-04-16