Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-6179 | 1 Lenovo | 2 Xclarity Administrator, Xclarity Integrator | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version 7.7.0, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter prior to version 6.1.0 that could allow information disclosure. | |||||
CVE-2018-9072 | 1 Lenovo | 1 Xclarity Integrator | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
In versions prior to 5.5, LXCI for VMware allows an authenticated user to download any system file due to insufficient input sanitization during file downloads. | |||||
CVE-2018-16097 | 1 Lenovo | 1 Xclarity Integrator | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate. | |||||
CVE-2018-16093 | 1 Lenovo | 1 Xclarity Integrator | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup file. |