Vulnerabilites related to lenovo - thinkagile_cp-cb-10_firmware
CVE-2023-2993 (GCVE-0-2023-2993)
Vulnerability from cvelistv5
Published
2023-06-26 19:44
Modified
2024-11-06 21:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-281 - Improper Preservation of Permissions
Summary
A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Lenovo | System Management Module (SMM) |
Version: various |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:41:04.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-127357"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2993",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T21:46:22.855451Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T21:47:48.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "System Management Module (SMM) ",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Fan Power Controller (FPC)",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute."
}
],
"value": "A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-26T19:44:50.040Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-127357"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to the firmware version (or newer) indicated for your model in the advisory: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-127357\"\u003ehttps://support.lenovo.com/us/en/product_security/LEN-127357\u003c/a\u003e"
}
],
"value": "Upgrade to the firmware version (or newer) indicated for your model in the advisory: https://support.lenovo.com/us/en/product_security/LEN-127357 https://support.lenovo.com/us/en/product_security/LEN-127357 "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-2993",
"datePublished": "2023-06-26T19:44:50.040Z",
"dateReserved": "2023-05-30T16:27:50.393Z",
"dateUpdated": "2024-11-06T21:47:48.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2659 (GCVE-0-2024-2659)
Vulnerability from cvelistv5
Published
2024-04-15 18:00
Modified
2024-08-01 19:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lenovo | SMM, SMM2, FPC |
Version: various |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:lenovo:fan_power_controller:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fan_power_controller",
"vendor": "lenovo",
"versions": [
{
"lessThan": "fhet62a-3.50",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:system_management_module_firmware:1.24:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "system_management_module_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "tesm40b-1.27",
"status": "affected",
"version": "1.24",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"other": {
"content": {
"id": "CVE-2024-2659",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-20T19:29:28.296207Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T19:57:54.186Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:18:48.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-140420"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SMM, SMM2, FPC",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function.\u003c/span\u003e\n\n"
}
],
"value": "\nA command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-15T18:00:12.275Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-140420"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nUpdate \n\nSMM/SMM2 or FPC\n\n to the version (or newer) indicated for your model in the advisory: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-140420\"\u003ehttps://support.lenovo.com/us/en/product_security/LEN-140420\u003c/a\u003e\u0026nbsp; \u0026nbsp;\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate \n\nSMM/SMM2 or FPC\n\n to the version (or newer) indicated for your model in the advisory: https://support.lenovo.com/us/en/product_security/LEN-140420 \u00a0 \u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-2659",
"datePublished": "2024-04-15T18:00:12.275Z",
"dateReserved": "2024-03-19T17:28:44.819Z",
"dateUpdated": "2024-08-01T19:18:48.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2992 (GCVE-0-2023-2992)
Vulnerability from cvelistv5
Published
2023-06-26 19:44
Modified
2024-09-16 14:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-405 - Asymmetric Resource Consumption (Amplification)
Summary
An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore access to the management web server.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Lenovo | System Management Module (SMM) |
Version: various |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:lenovo:nextscale_n1200_enclosure_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nextscale_n1200_enclosure_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "fhet60b-3.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinkagile_cp-cb-10e_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "thinkagile_cp-cb-10e_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "tesm38c-1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinkagile_cp-cb-10_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "thinkagile_cp-cb-10_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "tesm38c-1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinkagile_hx_enclosure_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "thinkagile_hx_enclosure_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "tesm38c-1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinkagile_vx_enclosure_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "thinkagile_vx_enclosure_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "tesm38c-1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_d2_enclosure_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "thinksystem_d2_enclosure_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "tesm38c-1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_da240_enclosure_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "thinksystem_da240_enclosure_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "tesm38c-1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_dw612_enclosure_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "thinksystem_dw612_enclosure_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "tesm38c-1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-19T18:18:54.770375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T18:19:01.571Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:41:04.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-127357"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "System Management Module (SMM)",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Fan Power Controller (FPC)",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated \u0026nbsp;denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore access to the management web server."
}
],
"value": "An unauthenticated \u00a0denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore access to the management web server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-405",
"description": "CWE-405: Asymmetric Resource Consumption (Amplification)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T14:51:34.588Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-127357"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to the firmware version (or newer) indicated for your model in the Lenovo Product Security:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-127357\"\u003ehttps://support.lenovo.com/us/en/product_security/LEN-127357\u003c/a\u003e"
}
],
"value": "Upgrade to the firmware version (or newer) indicated for your model in the Lenovo Product Security:\u00a0 https://support.lenovo.com/us/en/product_security/LEN-127357"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-2992",
"datePublished": "2023-06-26T19:44:40.121Z",
"dateReserved": "2023-05-30T16:27:48.220Z",
"dateUpdated": "2024-09-16T14:51:34.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-06-26 20:15
Modified
2024-11-21 07:59
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore access to the management web server.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:nextscale_n1200_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E20036ED-CC11-4093-847B-E324D5D18B04",
"versionEndExcluding": "fhet60b-3.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:nextscale_n1200_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21BACC24-DDE4-4016-97DE-60C51E5F1AC6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_cp-cb-10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7813CA0F-7081-4B35-A502-D7E960121989",
"versionEndExcluding": "tesm38c-1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cp-cb-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE24C16-2F33-4BD1-8E0F-8AB009842AB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_cp-cb-10e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C29AD224-2715-4B91-8F17-244C396833AA",
"versionEndExcluding": "tesm38c-1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cp-cb-10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BEF2683-FE65-4600-818F-25867008381E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx_enclosure_certified_node_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A26434A-500B-4B9C-8880-E975167448EC",
"versionEndExcluding": "tesm38c-1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_enclosure_certified_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B43352-1245-46E2-A167-47B2E629BFA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BECD4703-45C9-4A7A-9F39-E1BE738A6E21",
"versionEndExcluding": "tesm38c-1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C425D71A-19B5-4983-B95C-B5CB6EB7C065",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_d2_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F17F2C1C-0F16-49A0-B84E-DDE31CD33D38",
"versionEndExcluding": "tesm38c-1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_d2_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A78D856-B4DF-4B79-9901-434AE6FCE240",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_da240_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8F59EB-B8B7-4472-848E-4236C308244C",
"versionEndExcluding": "umsm10s-1.07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_da240_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A2C8EE-897D-4A4A-A9EB-AEEDA427D0C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_dw612_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A82172-9767-4BB1-A399-082572B03002",
"versionEndExcluding": "umsm10s-1.07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_dw612_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC0CC24-36CA-4C52-B149-F5FD48D8BB8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated \u00a0denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore access to the management web server."
}
],
"id": "CVE-2023-2992",
"lastModified": "2024-11-21T07:59:42.850",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-26T20:15:09.933",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-127357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-127357"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-405"
}
],
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-26 20:15
Modified
2024-11-21 07:59
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Summary
A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:nextscale_n1200_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E20036ED-CC11-4093-847B-E324D5D18B04",
"versionEndExcluding": "fhet60b-3.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:nextscale_n1200_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21BACC24-DDE4-4016-97DE-60C51E5F1AC6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_cp-cb-10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7813CA0F-7081-4B35-A502-D7E960121989",
"versionEndExcluding": "tesm38c-1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cp-cb-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE24C16-2F33-4BD1-8E0F-8AB009842AB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_cp-cb-10e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C29AD224-2715-4B91-8F17-244C396833AA",
"versionEndExcluding": "tesm38c-1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cp-cb-10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BEF2683-FE65-4600-818F-25867008381E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx_enclosure_certified_node_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A26434A-500B-4B9C-8880-E975167448EC",
"versionEndExcluding": "tesm38c-1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_enclosure_certified_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B43352-1245-46E2-A167-47B2E629BFA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BECD4703-45C9-4A7A-9F39-E1BE738A6E21",
"versionEndExcluding": "tesm38c-1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C425D71A-19B5-4983-B95C-B5CB6EB7C065",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_d2_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F17F2C1C-0F16-49A0-B84E-DDE31CD33D38",
"versionEndExcluding": "tesm38c-1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_d2_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A78D856-B4DF-4B79-9901-434AE6FCE240",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_da240_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8F59EB-B8B7-4472-848E-4236C308244C",
"versionEndExcluding": "umsm10s-1.07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_da240_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A2C8EE-897D-4A4A-A9EB-AEEDA427D0C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_dw612_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A82172-9767-4BB1-A399-082572B03002",
"versionEndExcluding": "umsm10s-1.07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_dw612_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC0CC24-36CA-4C52-B149-F5FD48D8BB8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute."
}
],
"id": "CVE-2023-2993",
"lastModified": "2024-11-21T07:59:42.997",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-26T20:15:10.000",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-127357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-127357"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-281"
}
],
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-281"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-04-15 18:15
Modified
2025-07-28 13:06
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:nextscale_n1200_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52F475BC-072C-406D-AD77-8F16EF219320",
"versionEndExcluding": "FHET62A-3.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:nextscale_n1200_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21BACC24-DDE4-4016-97DE-60C51E5F1AC6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_cp-cb-10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "364A175A-98D4-48B1-B168-35390143B557",
"versionEndExcluding": "TESM40B-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cp-cb-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE24C16-2F33-4BD1-8E0F-8AB009842AB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_cp-cb-10e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C33CD67A-8A26-4C66-93F9-051FFEDB2702",
"versionEndExcluding": "TESM40B-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cp-cb-10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BEF2683-FE65-4600-818F-25867008381E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6499CDA5-FADB-44B0-B1C0-7955299B978E",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C22D09-B948-4EEE-9CEA-DAD0D8BE370E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx3721_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71798ADF-2FE0-46D0-AE38-A18CCCAA9985",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3721:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCDE6B9-6505-4E44-A444-C4C3A054B5F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx1021_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9E771A-96B3-457C-BBFA-93E5ADB8DBCF",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx1021:-:*:*:*:*:*:*:*",
"matchCriteriaId": "536A78A4-9C58-400F-AFBB-73186A0D3FDC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx_e1_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62E39985-9B64-431B-A88E-0E62F9103F6F",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_e1_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8835D3-AB8F-4EED-A5EB-43939991F4B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx_e2_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17153CBA-91EC-4BBE-8FAF-A7FEA42839B1",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_e2_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "684E2F46-ECC1-4AAF-9511-E525AA953AD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx1321_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "202BE931-C605-471E-B069-CD9D4ED09B8B",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx1321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFD8C5A-D9E0-4EFF-92A3-17A6DBE7D155",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx2321_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9C542D0-45A7-40F5-AAF2-4A60C8B67AC2",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx2321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E515C4-D2F2-4A71-9A9C-70A80477352A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx3321_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4A85F0-C175-42E1-93AA-83C05B2480BC",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86E6A2F7-7EC0-46E1-A973-2172B076E883",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx1331_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF7D4F7-6624-4813-B3F6-83220F2C70E3",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx1331:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD11357-E276-44E5-B825-F948D5A757CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx2331_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B494460-E2FB-4B76-B408-8653DFCBF748",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx2331:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA8CBCB0-7152-4FD0-A50E-280C42BB4B5E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx3331_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5ECA70DA-4EDA-439A-BA61-FD4C41CB5FD4",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3331:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D66A9798-71F6-4884-AFC7-A695A713576A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx630_v3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13A3291E-F4A2-4C9F-A1EC-9F08BD456462",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx630_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43ADDE24-436D-4358-B4E4-2A79DDCA4240",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx3376_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F90DE7-9D8F-4BD0-B67D-35CE14D31618",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3376:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57D7A545-BE29-4F0B-AC77-8E6DE955CA5B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx645_v3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55BF67B0-9236-4BEB-AB64-4CBA993C9CAD",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx645_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38701EB2-A107-4017-B067-3103A4DA48D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx1521-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3839A1-ABC1-40B0-8B5D-EF6949488760",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx1521-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D33A804F-C94C-4A6C-AA84-957834680652",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx3521-g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72393F5A-8F25-4898-8636-CB1F57CC0544",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3521-g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0DDCC8-46B7-43FA-8A4A-BCE8AB7F8480",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx5521_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E7693D-055A-4F64-8DDC-FB602E65DF30",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx5521:-:*:*:*:*:*:*:*",
"matchCriteriaId": "924C1B4B-6E97-4942-8000-BB59860913EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx5521-c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55B28475-3340-4A6D-B922-3A8C3BDE370F",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx5521-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5788FFBD-69B4-4FB6-A2D2-4C6BA6CCE769",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx7521_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B328C66-D227-4321-8D58-B8C4740E2EDD",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx7521:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F350D6FE-7BE1-46C9-B1A6-4EE0AF8BCB55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx5531_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52E751-F07E-452E-A5CF-A8A71FEA7AFC",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx5531:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FAEAB68-0F17-45BD-B0B9-0C5FD5BBE2AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx7531_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4DE3DC-CCF7-4570-BE5C-74E34EC45D42",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx7531:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD32840-AF55-49C1-A8B4-A4D3B0F85B45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx650_v3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FA6DED8-A005-4A68-AA45-868960E97128",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx650_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54E7D038-1562-4166-A111-2B5BD78A7342",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx665_v3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F452BB0-BB57-4BEC-92CF-176E63C5C22F",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx665_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "630B7326-276C-4376-9D99-C06012039043",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx7821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15AB6EF0-1DDF-4537-B884-96AD1BAFA733",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx7821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E153D62-9443-4F52-BA47-5C2704E05BC9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx3720_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2AEAD3-4843-4BE2-97B9-F3B0768018AE",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx3720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE87366A-7CDB-46B7-AB89-7839D41B7E25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_2u4n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4254AA2-7676-47A0-96BC-7C2337AC7191",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_2u4n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37DCD283-0F14-4795-8ECC-8BD6EEE90CDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx1320_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "928D7467-B87D-4EE3-9C8E-A05C937C7FC4",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx1320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D11E00E8-4234-401D-8A0E-6EC1A15F44BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx_1se_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7A90D2-32C1-41D0-A113-15CCD8A2ED15",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_1se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBC1C9E-C548-4881-817B-109943BEA02F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx3320_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F941D04-FD51-4E4A-994F-F91648029ED6",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx3320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A8B3E93-970D-4B49-B5A6-6BFAC45BAAC4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx2320_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "650CAE26-8E4D-4152-8249-9B936A54C411",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx2320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF7500A0-B95E-4E16-B532-28C139C94AF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx7320-n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01224EBC-5322-47D5-88AC-65573799EA73",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx7320-n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6A7B599-55D3-41C6-A1CF-6B39E10B973D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx_1u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3ACFCC2-FD3E-455A-8520-EB88517ED17A",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_1u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C61CA8EA-F59F-4BB3-963A-163FE450A052",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx2330_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B4BE-4588-4E2A-AFB2-4BFD73A6D897",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx2330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDB5BE9-76C0-4708-805E-6DA37E91648F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx3330_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F39189E1-1353-47CE-8EF4-EBF6A86912E5",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx3330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F449A0D-B2EA-4747-BA7E-88CD4371220C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx7330-n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85A43095-F6F5-4BD1-8909-6094F9D1BF75",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx7330-n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E504236-C26E-48A0-97A3-4D8ECC16C0A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx3331_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E22C069C-6F1D-4F20-8D24-591C5E1ECF5E",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx3331:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCFFB6F-C269-425B-AD66-9000BBC5DAE4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx630_v3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BFDA901-1415-478E-9B8E-36A78BFC460C",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx630_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316505C4-6A87-4F67-A3E9-888F2574C805",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx630_v4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10FAB8B5-3B3D-462B-888A-D8AED763D8CF",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx630_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5E342B-7D20-4297-8F7E-848A3A929DDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx635_v3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0E915A-D505-452D-BF21-D275CE50B2EA",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx635_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E13EEA34-E741-459D-9B9C-5ED6637D8B6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx2375_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABB0352-0827-49BF-8B9A-3A7D5756A7A6",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx2375:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3F1E08-FE39-42DB-9240-81CBAE22FF07",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx3375_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B255325-8B15-40EC-8134-78B52B3509E7",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx3375:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75097519-AFEB-4345-B246-8E98879698DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx7375-n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AC6B982-0B6F-4EF2-86CF-86D630AFAFC2",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx7375-n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EC3D626-19FE-457D-8A46-97CC95303116",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx3376_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "332F6CD4-B5AC-43DB-9766-7C04A38BEB82",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx3376:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE8805C5-F166-441B-BB04-A06ABAD05A6C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx645_v3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF49E86-3943-4E0D-8B47-D9CF181AA322",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx645_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44520977-0550-4258-8D61-EC0D75D704CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx5520_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5678C9-E14E-47DB-B860-A94170CA3A8D",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704A1043-7626-412C-8666-9088B3AA1147",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx7520_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F71905B-9BDC-4E13-B3D1-9977F55721AB",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx7520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E25483F5-F222-42AF-ACA4-580CD2965C55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx3520-g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF812A7-1B4F-485E-9017-F3E438679FB2",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx3520-g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72422C47-0027-4B4E-9C82-78FE8A8A6D75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx5520_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5678C9-E14E-47DB-B860-A94170CA3A8D",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704A1043-7626-412C-8666-9088B3AA1147",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx_2u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D2E16A-8C55-4DF0-9508-904023068B46",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_2u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "663D3BA7-F1A9-4EC5-8D31-0FC9AEEF337E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx3530-g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED44325E-EDB4-40EF-AB08-041ECA24964A",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx3530-g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E73BA833-D02E-4274-ABF7-8F1D41815AB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx5530_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB90694E-B16E-4183-9B4F-3FF7F11468E6",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx5530:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81BDD8F1-B6B4-48D9-854F-9BFE19CD2B94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx7530_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "544B6D51-847C-42CC-8D1D-E561E50236B9",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx7530:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD5438A-321C-4C7E-9170-C80DA27F9271",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx7531_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EBB538-1BB3-4D44-AC94-5FE790ACFB16",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx7531:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6DC1F2D-AA5A-49D4-A0FD-491B1938406F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx650_v3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E54BBFA-7356-478B-8025-1D362279F44E",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx650_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EDE8B8-2530-4EFE-A474-25473AD361E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx650_v4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0975339-DE5E-47A8-AF9F-64F2E511E53E",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx650_v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52017CDB-C252-487F-AE59-A639A49C6BD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx655_v3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4474FC-1C7E-4517-A4CC-5A04B070928D",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx655_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69DC77A3-A870-4745-AEDC-F9BE425038A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx5575_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E37ADBE0-8721-4314-8F6B-210230A4B0CB",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx5575:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20AFA839-B10E-4EEC-8D61-0F32BFA7117C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx7575_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB99C6F-894E-4741-A683-E77349B00727",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx7575:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0D7722-4A18-4486-AC36-A9AC44A00C97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx3575-g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37C7809F-D5A9-4E3A-A035-C87C802D26D9",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx3575-g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "760F2B71-9D02-4D2F-B240-7E43BC4D9BBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx665_v3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC6B75A-A834-4B80-B86B-77F6B188FBCC",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx665_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05586F27-57ED-4EB2-BDB5-81828A23DBB8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx850_v3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28B0C090-749E-4591-B580-E0899FE75483",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx850_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D81EB5BD-1FB3-4EFB-ACDD-34C5E1BCA5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx_4u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC8D2BB-68C5-4426-AE99-9FF24F620FFA",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_4u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33D2593D-E1D1-4C4F-884A-5E877E92C715",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx7820_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "136EE6F0-17B7-475C-96F8-633535EA96D0",
"versionEndExcluding": "tesm40b-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx7820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E690D37-4DFD-477A-B159-C31D50215C90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_d2_enclosure_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86A815F8-6E0C-4FAB-94D7-E11475B3EC7A",
"versionEndExcluding": "TESM40B-1.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_d2_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A78D856-B4DF-4B79-9901-434AE6FCE240",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_da240_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B04F7520-E13F-4272-B8E4-F2D4DFC17564",
"versionEndExcluding": "UMSM12I-1.1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_da240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6782AB4-D279-469E-8CB5-DB507A67245D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinksystem_dw612_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB4745F9-8ACD-4006-99A9-6E60072368AE",
"versionEndExcluding": "UMSM12I-1.1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_dw612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FC2602-DF34-4A3B-8684-D704E1C5D116",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nA command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function.\n\n"
},
{
"lang": "es",
"value": "Se identific\u00f3 una vulnerabilidad de inyecci\u00f3n de comandos en SMM/SMM2 y FPC que podr\u00eda permitir que un usuario autenticado con privilegios elevados ejecute comandos del sistema al realizar una funci\u00f3n administrativa espec\u00edfica."
}
],
"id": "CVE-2024-2659",
"lastModified": "2025-07-28T13:06:05.163",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-04-15T18:15:10.837",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-140420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-140420"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "psirt@lenovo.com",
"type": "Secondary"
}
]
}