CVE-2022-4816 : A denial-of-service vulnerability has been identified in Lenovo Safecenter that

A denial-of-service vulnerability has been identified in Lenovo Safecenter that could allow a local user to crash the application.

Published 2023-01-23 17:15:11

Updated 2023-02-01 02:44:12

Source Lenovo Group Ltd.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2022-4816

Lenovo » Safecenter
Versions before (<) 7.2.01.0315
cpe:2.3:a:lenovo:safecenter:*:*:*:*:*:*:*:*
Matching versions

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 9 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High
6.2	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	2.5	3.6	Lenovo Group Ltd.
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

Assigned by: psirt@lenovo.com (Secondary)

https://iknow.lenovo.com.cn/detail/dc_205899.html

【安全公告】 LEN-102362 联想安全中心拒绝服务漏洞-联想知识库
Vendor Advisory

Jump to