Описание
Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows unauthenticated users to retrieve information related to the current authentication configuration settings. Exposed settings relate to password lengths, expiration, and lockout configuration.
Ссылки
- MitigationVendor Advisory
- MitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.0.0 (исключая)
Одновременно
cpe:2.3:o:lenovo:chassis_management_module_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:chassis_management_module:-:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00308
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows unauthenticated users to retrieve information related to the current authentication configuration settings. Exposed settings relate to password lengths, expiration, and lockout configuration.
EPSS
Процентиль: 54%
0.00308
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200