Lenovo : Security Vulnerabilities, CVEs, Published In June 2017 (Gain Privilege)
Privilege escalation vulnerability in Lenovo Nerve Center for Windows 10 on Desktop systems (Lenovo Nerve Center for notebook systems is not affected) that could allow an attacker with local privileges on a system to alter registry keys.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-06-29
Updated
2019-10-03
In Lenovo XClarity Administrator (LXCA) before 1.3.0, if service data is downloaded from LXCA, a non-administrative user may have access to password information for users that have previously authenticated to the LXCA's internal LDAP server, including administrative accounts and service accounts with administrative privileges. This is an issue only for users who have used local authentication with LXCA and not remote authentication against external LDAP or ADFS servers.
Max CVSS
7.8
EPSS Score
0.17%
Published
2017-06-20
Updated
2017-06-30
2 vulnerabilities found