Описание
In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send system serial number, machine type and model and product name to Lenovo's servers.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:lenovo:lenovo_service_bridge:-:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00306
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send system serial number, machine type and model and product name to Lenovo's servers.
EPSS
Процентиль: 53%
0.00306
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200