Filtered by vendor Lenovo
Subscriptions
Filtered by product Thinkagile Hx1021 Edge Certified Node 3yr Firmware
Subscriptions
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-8278 | 1 Lenovo | 139 Thinkagile Hx1021 Edge Certified Node 3yr Firmware, Thinkagile Hx1320 Firmware, Thinkagile Hx1321 Firmware and 136 more | 2024-09-14 | 7.2 High |
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands. | ||||
CVE-2024-8279 | 1 Lenovo | 139 Thinkagile Hx1021 Edge Certified Node 3yr Firmware, Thinkagile Hx1320 Firmware, Thinkagile Hx1321 Firmware and 136 more | 2024-09-14 | 7.2 High |
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads. | ||||
CVE-2024-8280 | 1 Lenovo | 139 Thinkagile Hx1021 Edge Certified Node 3yr Firmware, Thinkagile Hx1320 Firmware, Thinkagile Hx1321 Firmware and 136 more | 2024-09-14 | 7.2 High |
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection or cause a recoverable denial of service using a specially crafted file. | ||||
CVE-2024-8281 | 1 Lenovo | 139 Thinkagile Hx1021 Edge Certified Node 3yr Firmware, Thinkagile Hx1320 Firmware, Thinkagile Hx1321 Firmware and 136 more | 2024-09-14 | 7.2 High |
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection through specially crafted command line input in the XCC SSH captive shell. |
Page 1 of 1.