Количество 3
Количество 3
CVE-2024-38508
A privilege escalation vulnerability was discovered in the web interface or SSH captive command shell interface of XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via a specially crafted request.
GHSA-9953-mrch-gvmc
A privilege escalation vulnerability was discovered in the web interface or SSH captive command shell interface of XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via a specially crafted request.
BDU:2025-00192
Уязвимость веб-интерфейса или интерфейса командной оболочки контроллера Lenovo XClarity Controller (XCC) для серверов Lenovo ThinkSystem, позволяющая нарушителю выполнить произвольные команды
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-38508 A privilege escalation vulnerability was discovered in the web interface or SSH captive command shell interface of XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via a specially crafted request. | CVSS3: 7.2 | 1% Низкий | больше 1 года назад |
| GHSA-9953-mrch-gvmc A privilege escalation vulnerability was discovered in the web interface or SSH captive command shell interface of XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via a specially crafted request. | CVSS3: 7.2 | 1% Низкий | больше 1 года назад |
 | BDU:2025-00192 Уязвимость веб-интерфейса или интерфейса командной оболочки контроллера Lenovo XClarity Controller (XCC) для серверов Lenovo ThinkSystem, позволяющая нарушителю выполнить произвольные команды | CVSS3: 7.2 | 1% Низкий | больше 1 года назад |
Уязвимостей на страницу