Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.

Published : 2017-01-12 22:59 Updated : 2017-01-19 15:59

CVSS Score More info
Score 1.9 / 10
Vendor Product Version URI
Lenovo Xclarity Administrator 1.1.1 cpe:/a:lenovo:xclarity_administrator:1.1.1
  1. Lenovo (1) Search CVE
    1. Xclarity Administrator (1) Search CVE
      1. 1.1.1


ID Name Description Links
CWE-264 Permissions, Privileges, and Access Controls Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control. CVE

History of changes

Date Event
2017-01-12 22:59