Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:h:lenovo:thinkserver_td350:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-40137 |
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code. Published: January 30, 2023; 5:15:12 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2022-40134 |
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. Published: January 30, 2023; 5:15:12 PM -0500 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2017-17833 |
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability. Published: April 23, 2018; 2:29:00 PM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2016-8236 |
Reset to default settings may occur in Lenovo ThinkServer TSM RD350, RD450, RD550, RD650, TD350 during a prolonged broadcast storm in TSM versions earlier than 3.77. Published: March 03, 2017; 1:59:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2015-3324 |
The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an "encrypted remote KVM session," which allows man-in-the-middle attackers to spoof servers. Published: April 16, 2015; 7:59:05 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-3323 |
The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 allows remote attackers to cause a denial of service (web interface crash) via a malformed HTTP request during authentication. Published: April 16, 2015; 7:59:04 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-3322 |
Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors. Published: April 16, 2015; 7:59:03 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |