Lenovo Thinksystem Sr850 V3 Firmware
By the Year
In 2024 there have been 0 vulnerabilities in Lenovo Thinksystem Sr850 V3 Firmware . Last year Thinksystem Sr850 V3 Firmware had 3 security vulnerabilities published. Right now, Thinksystem Sr850 V3 Firmware is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 3 | 8.03 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Thinksystem Sr850 V3 Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Lenovo Thinksystem Sr850 V3 Firmware Security Vulnerabilities
An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command
CVE-2023-4608
7.2 - High
- October 25, 2023
An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command. This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
SQL Injection
An authenticated XCC user
CVE-2023-4607
8.8 - High
- October 25, 2023
An authenticated XCC user can change permissions for any user through a crafted API command.
Improper Privilege Management
An authenticated XCC user with Read-Only permission can change a different users password through a crafted API command
CVE-2023-4606
8.1 - High
- October 25, 2023
An authenticated XCC user with Read-Only permission can change a different users password through a crafted API command. This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Lenovo Thinksystem St658 V3 Firmware or by Lenovo? Click the Watch button to subscribe.
