A stored CSV Injection vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow an administrative user to store malformed data in LXCA Jobs and Event Log data, that could result in crafted formulas stored in an exported CSV file. The crafted formula is not executed on LXCA itself.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://support.lenovo.com/solutions/LEN-27805 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: lenovo
Published: 2019-09-03T18:50:11.119064Z
Updated: 2024-09-17T02:11:43.067Z
Reserved: 2019-01-11T00:00:00
Link: CVE-2019-6182
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-09-03T19:15:10.837
Modified: 2024-11-21T04:46:07.093
Link: CVE-2019-6182
Redhat
No data.