Lucene search

[email protected]NVD:CVE-2016-8224

HistoryNov 29, 2016 - 8:59 p.m.

CVE-2016-8224

2016-11-2920:59:02

CWE-310

[email protected]

web.nvd.nist.gov

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:N/I:N/A:C

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system.

Affected configurations

NVD

Node

lenovobiosMatch-

lenovonotebook_110_14ibr_biosMatch-

lenovonotebook_110_15ibr_biosMatch-

lenovonotebook_b70_80_biosMatch-

lenovonotebook_e31_80_biosMatch-

lenovonotebook_e40_80_biosMatch-

lenovonotebook_e41_80_biosMatch-

lenovonotebook_e51_80_biosMatch-

lenovonotebook_g40_80_biosMatch-

lenovonotebook_g50_80_biosMatch-

lenovonotebook_g50_80_touch_biosMatch-

lenovonotebook_ideapad_300_14ibr_biosMatch-

lenovonotebook_ideapad_300_14isk_biosMatch-

lenovonotebook_ideapad_300_15ibr_biosMatch-

lenovonotebook_ideapad_300_15isk_biosMatch-

lenovonotebook_ideapad_300_17isk_biosMatch-

lenovonotebook_ideapad_510s_12isk_biosMatch-

lenovonotebook_k21_80_biosMatch-

lenovonotebook_k41_80_biosMatch-

lenovonotebook_miix_710_12ikb_biosMatch-

lenovonotebook_xiaoxin_air_12_biosMatch-

lenovonotebook_yoga_510_14isk_biosMatch-

lenovonotebook_yoga_510_15isk_biosMatch-

lenovonotebook_yoga_710_11ikb_biosMatch-

lenovonotebook_yoga_710_11isk_biosMatch-

lenovonotebook_yoga_900_13isk_biosMatch-

lenovonotebook_yoga_900s_12isk_biosMatch-

lenovothinkserver_ts150_biosMatch-

lenovothinkserver_ts450_biosMatch-

AND

lenovonotebook_110_14ibrMatch-

lenovonotebook_110_15ibrMatch-

lenovonotebook_b70_80Match-

lenovonotebook_e31_80Match-

lenovonotebook_e40_80Match-

lenovonotebook_e41_80Match-

lenovonotebook_e51_80Match-

lenovonotebook_g40_80Match-

lenovonotebook_g50_80Match-

lenovonotebook_g50_80_touchMatch-

lenovonotebook_ideapad_300_14ibrMatch-

lenovonotebook_ideapad_300_14iskMatch-

lenovonotebook_ideapad_300_15ibrMatch-

lenovonotebook_ideapad_300_15iskMatch-

lenovonotebook_ideapad_300_17iskMatch-

lenovonotebook_ideapad_510s_12iskMatch-

lenovonotebook_k21_80Match-

lenovonotebook_k41_80Match-

lenovonotebook_miix_710_12ikbMatch-

lenovonotebook_xiaoxin_air_12Match-

lenovonotebook_yoga_510_14iskMatch-

lenovonotebook_yoga_510_15iskMatch-

lenovonotebook_yoga_710_11ikbMatch-

lenovonotebook_yoga_710_11iskMatch-

lenovonotebook_yoga_900_13iskMatch-

lenovonotebook_yoga_900s_12iskMatch-

lenovothinkserver_ts150Match-

lenovothinkserver_ts450Match-

References

www.securityfocus.com/bid/94595

support.lenovo.com/us/en/solutions/LEN_9903

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:N/I:N/A:C

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2016-8224

lenovo2 prion1 cve1 cvelist1