Known Vulnerabilities for Thinkagile Mx3531 H Hybrid by Lenovo
Listed below are 4 of the newest known vulnerabilities associated with "Thinkagile Mx3531 H Hybrid" by "Lenovo".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-4608 json | An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API com... | 7.2 - HIGH | 2023-10-25 | 2023-11-07 |
| CVE-2023-4607 json | An authenticated XCC user can change permissions for any user through a crafted API command. | 8.8 - HIGH | 2023-10-25 | 2023-11-07 |
| CVE-2023-4606 json | An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command. ... | 8.1 - HIGH | 2023-10-25 | 2023-11-07 |
| CVE-2022-40137 json | A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privilege... | 6.7 - MEDIUM | 2023-01-30 | 2023-02-08 |