Описание
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow the signature check of an update to be bypassed.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.07.0008 (включая)
cpe:2.3:a:lenovo:system_update:*:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00113
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-347
Связанные уязвимости
github
больше 3 лет назад
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow the signature check of an update to be bypassed.
EPSS
Процентиль: 30%
0.00113
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-347