If multiple users are concurrently logged into a single system where one user is sending a command via the Lenovo ToolsCenter Advanced Settings Utility (ASU), UpdateXpress System Pack Installer (UXSPI) or Dynamic System Analysis (DSA) to a second machine, the other users may be able to see the user ID and clear text password that were used to access the second machine during the time the command is processing.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: lenovo

Published: 2017-06-20T00:00:00

Updated: 2024-08-05T14:39:40.750Z

Reserved: 2016-12-16T00:00:00

Link: CVE-2017-3743

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-06-20T00:29:00.297

Modified: 2024-11-21T03:26:03.090

Link: CVE-2017-3743

cve-icon Redhat

No data.