An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore access to the management web server.
References
Link | Resource |
---|---|
https://support.lenovo.com/us/en/product_security/LEN-127357 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
History
16 Sep 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-405 |
05 Jul 2023, 17:27
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:o:lenovo:thinksystem_d2_enclosure_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:lenovo:thinksystem_dw612_enclosure:-:*:*:*:*:*:*:* cpe:2.3:o:lenovo:thinksystem_dw612_enclosure_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:lenovo:thinkagile_cp-cb-10:-:*:*:*:*:*:*:* cpe:2.3:o:lenovo:thinkagile_hx_enclosure_certified_node_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:lenovo:thinksystem_d2_enclosure:-:*:*:*:*:*:*:* cpe:2.3:h:lenovo:thinkagile_hx_enclosure_certified_node:-:*:*:*:*:*:*:* cpe:2.3:o:lenovo:thinkagile_cp-cb-10e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:lenovo:thinkagile_cp-cb-10e:-:*:*:*:*:*:*:* cpe:2.3:o:lenovo:thinkagile_cp-cb-10_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:lenovo:thinksystem_da240_enclosure_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:lenovo:nextscale_n1200_enclosure_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:lenovo:thinksystem_da240_enclosure:-:*:*:*:*:*:*:* cpe:2.3:h:lenovo:thinkagile_vx_enclosure:-:*:*:*:*:*:*:* cpe:2.3:h:lenovo:nextscale_n1200_enclosure:-:*:*:*:*:*:*:* cpe:2.3:o:lenovo:thinkagile_vx_enclosure_firmware:*:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo | |
First Time |
Lenovo thinkagile Cp-cb-10
Lenovo thinksystem D2 Enclosure Firmware Lenovo thinksystem Dw612 Enclosure Firmware Lenovo thinkagile Vx Enclosure Lenovo thinkagile Cp-cb-10 Firmware Lenovo thinksystem D2 Enclosure Lenovo nextscale N1200 Enclosure Lenovo thinkagile Vx Enclosure Firmware Lenovo thinksystem Da240 Enclosure Lenovo thinkagile Hx Enclosure Certified Node Lenovo thinksystem Da240 Enclosure Firmware Lenovo thinksystem Dw612 Enclosure Lenovo thinkagile Cp-cb-10e Lenovo Lenovo thinkagile Hx Enclosure Certified Node Firmware Lenovo nextscale N1200 Enclosure Firmware Lenovo thinkagile Cp-cb-10e Firmware |
|
References | (MISC) https://support.lenovo.com/us/en/product_security/LEN-127357 - Vendor Advisory |
26 Jun 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-26 20:15
Updated : 2024-09-16 15:15
NVD link : CVE-2023-2992
Mitre link : CVE-2023-2992
CVE.ORG link : CVE-2023-2992
JSON object : View
Products Affected
lenovo
- thinkagile_cp-cb-10_firmware
- nextscale_n1200_enclosure_firmware
- thinksystem_d2_enclosure_firmware
- thinkagile_hx_enclosure_certified_node_firmware
- nextscale_n1200_enclosure
- thinkagile_vx_enclosure_firmware
- thinksystem_da240_enclosure_firmware
- thinksystem_d2_enclosure
- thinkagile_vx_enclosure
- thinkagile_cp-cb-10e_firmware
- thinkagile_hx_enclosure_certified_node
- thinksystem_da240_enclosure
- thinkagile_cp-cb-10
- thinksystem_dw612_enclosure
- thinksystem_dw612_enclosure_firmware
- thinkagile_cp-cb-10e
CWE