Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
lenovoLenovoLENOVO:PS500112-NOSID
HistoryAug 08, 2017 - 12:00 a.m.

Login information processed by the IMM2 may be exposed to local IMM2 users - us

2017-08-0800:00:00
support.lenovo.com
43

0.001 Low

EPSS

Percentile

25.4%

JSON

Lenovo Security Advisory: LEN-14054

Potential Impact: Disclosure of login credentials to user with local privileges

Severity: Medium

Scope of Impact: Lenovo Specific

**CVE Identifier:**CVE-2017-3744

Summary Description:

A risk has been identified in the IMM2 firmware of Lenovo System x servers where remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands.

Mitigation Strategy for Customers (what you should do to protect yourself):

Update the IMM2 to the latest firmware version.

Related

cve 1
lenovo 1
prion 1
nvd 1
cvelist 1
cve
cve
CVE-2017-3744
2017-06-20 00:29:00
lenovo
lenovo
Login information processed by the IMM2 may be exposed to local IMM2 users - Lenovo Support US
2017-08-08 00:00:00
prion
prion
Design/Logic Flaw
2017-06-20 00:29:00
nvd
nvd
CVE-2017-3744
2017-06-20 00:29:00
cvelist
cvelist
CVE-2017-3744
2017-06-20 00:00:00

0.001 Low

EPSS

Percentile

25.4%

JSON
Related for LENOVO:PS500112-NOSID
cve1lenovo1prion1nvd1cvelist1