CVE-2019-6158

An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text. This only affects LXCA when HTTP proxy credentials have been configured. This affects LXCA versions 2.0.0 to 2.3.x.

Published : 2019-05-03 20:29 Updated : 2019-10-09 23:51

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Lenovo Xclarity Administrator 2.0.0 cpe:/a:lenovo:xclarity_administrator:2.0.0
Lenovo Xclarity Administrator 2.1.0 cpe:/a:lenovo:xclarity_administrator:2.1.0
  1. Lenovo (1) Search CVE
    1. Xclarity Administrator (2) Search CVE
      1. 2.0.0
      2. 2.1.0

CWE

ID Name Description Links
CWE-532 Information Exposure Through Log Files Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information. CVE

History of changes

Date Event
2019-05-06 20:33
2019-05-06 13:29
2019-05-03 20:29

New CVE