Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-3616

Summary
Assigner-lenovo
Assigner Org ID-da227ddf-6e25-4b41-b023-0f976dcaca4b
Published At-17 Aug, 2021 | 16:25
Updated At-03 Aug, 2024 | 17:01
Rejected At-
Credits

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. This vulnerability is the same as CNVD-2020-68651.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:lenovo
Assigner Org ID:da227ddf-6e25-4b41-b023-0f976dcaca4b
Published At:17 Aug, 2021 | 16:25
Updated At:03 Aug, 2024 | 17:01
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. This vulnerability is the same as CNVD-2020-68651.

Affected Products
Vendor
Lenovo Group LimitedLenovo
Product
Smart Camera X3, X5, and C2E firmware
Versions
Affected
  • From unspecified before 01.03.29.16 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-285CWE-285 Improper Authorization
Type: CWE
CWE ID: CWE-285
Description: CWE-285 Improper Authorization
Metrics
VersionBase scoreBase severityVector
3.19.4CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Version: 3.1
Base score: 9.4
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Update to Lenovo Smart Camera X3, X5, and C2E firmware version 01.03.29.16 or later.

Configurations

Workarounds

Exploits

Credits

Lenovo thanks Charles Jiang and Xingcan Chen from Lenovo Global Security Lab for reporting these issues.
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://iknow.lenovo.com.cn/detail/dc_198417.html
x_refsource_MISC
https://www.cnvd.org.cn/flaw/show/CNVD-2020-68651
x_refsource_MISC
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_198417.html
Resource:
x_refsource_MISC
Hyperlink: https://www.cnvd.org.cn/flaw/show/CNVD-2020-68651
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://iknow.lenovo.com.cn/detail/dc_198417.html
x_refsource_MISC
x_transferred
https://www.cnvd.org.cn/flaw/show/CNVD-2020-68651
x_refsource_MISC
x_transferred
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_198417.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.cnvd.org.cn/flaw/show/CNVD-2020-68651
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@lenovo.com
Published At:17 Aug, 2021 | 17:15
Updated At:30 Aug, 2021 | 18:31

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. This vulnerability is the same as CNVD-2020-68651.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.19.4CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.4
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches

Lenovo Group Limited
lenovo
>>smart_camera_c2e_firmware>>Versions before 01.03.29.16(exclusive)
cpe:2.3:o:lenovo:smart_camera_c2e_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>smart_camera_c2e>>-
cpe:2.3:h:lenovo:smart_camera_c2e:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>smart_camera_x3_firmware>>Versions before 01.03.29.16(exclusive)
cpe:2.3:o:lenovo:smart_camera_x3_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>smart_camera_x3>>-
cpe:2.3:h:lenovo:smart_camera_x3:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>smart_camera_x5_firmware>>Versions before 01.03.29.16(exclusive)
cpe:2.3:o:lenovo:smart_camera_x5_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>smart_camera_x5>>-
cpe:2.3:h:lenovo:smart_camera_x5:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE-285Secondarypsirt@lenovo.com
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-285
Type: Secondary
Source: psirt@lenovo.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://iknow.lenovo.com.cn/detail/dc_198417.htmlpsirt@lenovo.com
Vendor Advisory
https://www.cnvd.org.cn/flaw/show/CNVD-2020-68651psirt@lenovo.com
Not Applicable
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_198417.html
Source: psirt@lenovo.com
Resource:
Vendor Advisory
Hyperlink: https://www.cnvd.org.cn/flaw/show/CNVD-2020-68651
Source: psirt@lenovo.com
Resource:
Not Applicable

Change History

0
Information is not available yet

Similar CVEs

130Records found

CVE-2015-5684
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.69% / 88.47%
||
7 Day CHG~0.00%
Published-27 Mar, 2020 | 14:05
Updated-06 Aug, 2024 | 06:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflow vulnerability was reported, (fixed and publicly disclosed in 2015) in the Lenovo Service Engine (LSE), affecting various versions of BIOS for Lenovo Notebooks, that could allow a remote user to execute arbitrary code on the system.

Action-Not Available
Vendor-n/aLenovo Group Limited
Product-edge_15_firmwareg50-80_touch_v3000z51-70ideapad_100-15ibyg40-80mz41-70_firmwareflex_2_pro-15s435g50-80mideapad_100-15iby_firmwareu31-70ideapad_100-14ibys21e_firmwarez70-80g40-80u41-70g50-80_touch_v3000_firmwarez41-70flex_3-1120m40-35_firmwareyoga_3_11flex_3-1570_firmwarez51-70_firmwareu41-70_firmwareyoga_3_11_firmwareg50-80_touch_firmwarey40-80_firmwareg50-80_touchyoga_3_14g50-80_firmwares41-70_firmwareyoga_3_14_firmwarez70-80_firmwareedge_15g70-80_firmwarem40-35flex_2_pro-15_firmwareb50-10_firmwareflex_3-1470flex_3-1120_firmwares21eg50-80u31-70_firmwareb50-10ideapad_100-14iby_firmwarey40-80g40-80m_firmwares41-70s435_firmwareg50-80m_firmwareg40-80_firmwareg70-80flex_3-1570flex_3-1470_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2014-1939
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.07% / 61.11%
||
7 Day CHG~0.00%
Published-03 Mar, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels.

Action-Not Available
Vendor-n/aGoogle LLCLenovo Group Limited
Product-androidshareitn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2019-6167
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-8.8||HIGH
EPSS-2.48% / 82.73%
||
7 Day CHG~0.00%
Published-26 Jun, 2019 | 14:12
Updated-16 Sep, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow remote code execution.

Action-Not Available
Vendor-Lenovo Group Limited
Product-ideacentretabletthinkpadthinkcentreideapadthinkstationyogaservice_bridgeService Bridge
CVE-2019-6168
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-8.8||HIGH
EPSS-2.48% / 82.73%
||
7 Day CHG~0.00%
Published-26 Jun, 2019 | 14:12
Updated-16 Sep, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow remote code execution.

Action-Not Available
Vendor-Lenovo Group Limited
Product-ideacentretabletthinkpadthinkcentreideapadthinkstationyogaservice_bridgeService Bridge
CVE-2018-9079
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-9.8||CRITICAL
EPSS-1.23% / 65.67%
||
7 Day CHG~0.00%
Published-28 Sep, 2018 | 20:00
Updated-05 Aug, 2024 | 07:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Iomega and LenovoEMC NAS Web UI Vulnerabilities

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, adversaries can craft URLs to modify the Document Object Model (DOM) of the page. In addition, adversaries can inject HTML script tags and HTML tags with JavaScript handlers to execute arbitrary JavaScript with the origin of the device.

Action-Not Available
Vendor-Lenovo Group Limited
Product-px4-300r_firmwarestorcenter_px12-400rstorcenter_px2-300dpx4-400rstorcenter_ix4-300dpx4-300dstorcenter_px12-450r_firmwarepx6-300d_firmwarepx4-300d_firmwarepx4-300rix2ix4-300d_firmwarepx2-300dix4-300dstorcenter_px4-300d_firmwarepx4-400r_firmwareez_media_\&_backup_center_firmwarepx12-450rstorcenter_px2-300d_firmwarestorcenter_ix2storcenter_px4-300rpx2-300d_firmwareix2_firmwarepx6-300dstorcenter_ix4-300d_firmwarestorcenter_ix2-dl_firmwarestorcenter_px12-400r_firmwarestorcenter_px4-300r_firmwarepx4-400dstorcenter_ix2-dlstorcenter_px6-300dpx4-400d_firmwarestorcenter_px12-450rstorcenter_px6-300d_firmwarestorcenter_px4-300dpx12-400r_firmwareez_media_\&_backup_centerpx12-400rpx12-450r_firmwarestorcenter_ix2_firmwareLenovoEMCEZ Media and Backup CenterIomega StorCenter
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-14066
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 35.24%
||
7 Day CHG~0.00%
Published-15 Jul, 2018 | 16:00
Updated-16 Sep, 2024 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the READ_SMS permission can read SMS messages. This affects Infinix X571 phones, as well as various Lenovo phones (such as the A7020) that have since been fixed by Lenovo.

Action-Not Available
Vendor-infinixmobilityn/aLenovo Group LimitedGoogle LLC
Product-androidlenovo_a7020infinix_x571n/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-3897
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-9.8||CRITICAL
EPSS-1.24% / 65.93%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 21:10
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected.

Action-Not Available
Vendor-IBM CorporationLenovo Group Limited
Product-thinkagile_vx_enclosurenextscale_n1200_enclosure_firmwarethinkagile_hx_enclosure_certified_nodethinksystem_d2_enclosure_firmwarenextscale_fan_power_controller_firmwarenextscale_fan_power_controllerthinksystem_d2_enclosurethinkagile_vx_enclosure_firmwarenextscale_n1200_enclosurethinkagile_hx_enclosure_certified_node_firmwareFan Power Controller2 (FPC2)Lenovo System Management Module (SMM)
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2021-3849
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-9.8||CRITICAL
EPSS-1.25% / 66.09%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 21:10
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected.

Action-Not Available
Vendor-IBM CorporationLenovo Group Limited
Product-thinkagile_vx_enclosurenextscale_n1200_enclosure_firmwarethinkagile_hx_enclosure_certified_nodethinksystem_d2_enclosure_firmwarenextscale_fan_power_controller_firmwarenextscale_fan_power_controllerthinksystem_d2_enclosurethinkagile_vx_enclosure_firmwarenextscale_n1200_enclosurethinkagile_hx_enclosure_certified_node_firmwareFan Power Controller2 (FPC2)Lenovo System Management Module (SMM)
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2020-8349
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-9.8||CRITICAL
EPSS-2.25% / 80.92%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 21:25
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An internal security review has identified an unauthenticated remote code execution vulnerability in Cloud Networking Operating System (CNOS)’ optional REST API management interface. This interface is disabled by default and not vulnerable unless enabled. When enabled, it is only vulnerable where attached to a VRF and as allowed by defined ACLs. Lenovo strongly recommends upgrading to a non-vulnerable CNOS release. Where not possible, Lenovo recommends disabling the REST API management interface or restricting access to the management VRF and further limiting access to authorized management stations via ACL.

Action-Not Available
Vendor-Lenovo Group Limited
Product-rackswitch_ne1072trackswitch_ne2572rackswitch_ne1032rackswitch_g8296rackswitch_g8272cloud_networking_operating_systemrackswitch_ne0152trackswitch_ne10032rackswitch_g8332rackswitch_ne1032tCloud Networking Operating System (CNOS)
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2017-3758
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-9.8||CRITICAL
EPSS-2.72% / 84.36%
||
7 Day CHG~0.00%
Published-17 Oct, 2017 | 20:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code execution.

Action-Not Available
Vendor-Lenovo Group Limited
Product-service_frameworkService Framework application
CVE-2019-6188
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-9.8||CRITICAL
EPSS-1.32% / 67.70%
||
7 Day CHG~0.00%
Published-12 Nov, 2019 | 20:40
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ThinkPad T460p and T470p BIOS Tamper Mechanism

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, and T470p, BIOS versions up to R0FET50W, which may allow for unauthorized access.

Action-Not Available
Vendor-Lenovo Group Limited
Product-s340-15iwl_touchl340-17irh_firmwarezhaoyang_e43-80_kbl_firmwareqitian_m4650v330-14isk_firmwarea340-22_iwl_firmware720s-15ikb_firmwarethinkpad_e490ideacentre_730s-24ikb_firmwarev110-15ikbthinkcentre_m73p130-15ikb_firmwarethinkcentre_m720qlegion_y740-17ichgthinkpad_p51sthinkpad_p53thinkpad_e450cthinkcentre_m79_firmwareyta8900fthinkpad_p72_firmwarethinkpad_l590thinkcentre_e93_firmwarerescuer_y7000p\(1060\)130-14ikb_firmwareyangtian_ws_h81_firmwarethinkpad_p52thinkpad_e560p_firmwarethinkpad_p70aio_330-20astthinkpad_e470_firmware330-15ikbrv530s-07icb_firmwarem4500_firmwarethinkpad_e460thinkpad_yoga_11ethinkpad_x280thinkcentre_m83_firmwarethinkstation_p318_firmwarethinkpad_tablet_8_firmwarec340-14iwl_firmwarelegion_t530-28icbthinkpad_l470_firmwares540-14iwl_firmwarelegion_t730-28ico330c-14ikbs540-14iwl_touch_firmwarethinkpad_l380_firmwarelegion_y740-15ichgthinkcentre_e74_firmwarethinkpad_r590_firmwareqitian_b5900_firmwarethinkpad_t560_firmwarethinkpad_t580thinkcentre_m4500kthinkcentre_m6500t_firmwarethinkcentre_m93z_\(aio\)yoga_s940-14iwl_firmwarethinkpad_x1_yogathinkcentre_m625q_firmwarethinkpad_t570_firmwarelegion_y520t_z370legion_t530-28icb_reflash_firmwarethinkcentre_m4500t_firmwares340-14iwlqt_b415_firmwareyangtian_wf_h81_pci_firmwareqitian_m4600_firmware340c-15ikb_firmwarethinkcentre_m910x_firmwarethinkcentre_m910s_firmwareyangtian_afh110_firmwareyangtian_wf_h110_pci_firmwarethinkpad_x380_yoga_firmwareyangtian_afq150_firmwarev320-14ikby7000_2019_1050v330-14ikb_firmwarethinkpad_w540h50-30g_desktopv330-14iskyoga_s940-14iwlyangtian_tc_h81_pci_firmwarethinkcentre_x1_aiothinkpad_p52_firmwarethinkpad_s2_yoga_4th_gen_firmwarethinkcentre_m720s_firmwarethinkpad_t580_firmwarelegion_t530-28aprideacentre_720-18icb_firmwareyoga530-14ikb_firmwares540-14iwl_touchthinkcentre_m4600tthinkcentre_m920q_firmwarezhaoyang_k42-80thinkpad_t25lenovo_v720-14ikbqt_a7400s540-15iwl_firmwareaio_330-20igm_firmwarethinkpad_t460sideacentre_300s-11ish_firmware510-15iklaio_520-24ast_firmwareyangtian_mf_h81_pci330-14ikb_firmware720s_touch-15ikb_firmwarethinkpad_e570thinkcentre_m79v310-14ikbthinkstation_p318thinkcentre_m700sthinkpad_x1_extreme_firmwarev130-14ikbthinkcentre_m6600t_firmware330-15ikb_firmwarethinkpad_e550thinkcentre_m8600s_firmwarec340-14iwlv310-15ikb_firmwareyoga_730-13iwl_firmwarethinkcentre_m715q_firmwarethinkpad_tablet_10_firmwarethinkcentre_m73_firmwarethinkpad_t440qitian_b4550_firmwarethinkpad_e580thinkcentre_e73_firmwarethinkcentre_m920t_firmwarethinkcentre_e93thinkcentre_m6500s_firmwareyoga_11e_3rd_genthinkpad_p71thinkcentre_m710q330-15ikbr_touchthinkpad_10_firmwarethinkpad_p51s_firmwarethinkcentre_m710e_firmwarethinkcentre_m8500ss145-15ikbthinkpad_x250thinkcentre_m900_firmwarev310z\(yt_s3150\)_firmware330-15ich_firmwarel340-15iwltouchthinkcentre_e75sthinkcentre_m920zyangtian_mc_h81_firmwarethinkcentre_m9550zthinkcentre_e74zideacentre_720-18aprthinkcentre_m9550z_firmwarethinkpad_helix_firmwarethinkpad_t480s_firmwarelegion_y9000p_2019_firmwarethinkpad_s3_3rd_genthinkcentre_m73p_firmwarelegion_y9000p_2019v130-14ikb_firmwarexiaoxin_tide_7000-15_u42thinkcentre_m7300z_firmwarethinkcentre_m6600qthinkcentre_m8350z_firmwarev310-14isk_firmwares145-14ikb_firmwarec340-15iwlwei5-14ikb_firmwarethinksystem_odc5200-cn650s_firmwarelegion_y740-15irhg_firmwarethinkcentre_m820zv110-14ikb_firmwarev310z\(yt_s3150\)v110-14ikbthinkpad_l560_firmwarethinkcentre_s510_firmwarelegion_y730-15ich_firmware330-14ikbthinkpad_p53s_firmwares145-15ikb_firmwareyangtian_tc_h81_pciyoga_s730-13iwll340-15irh_firmwarethinkstation_p300_firmwarel340-17irhthinkpad_p52sthinkpad_t470_firmwarethinkcentre_m73_tiny_firmwarethinkcentre_m920x_firmwarethinkcentre_m6600_firmwarethinkpad_t480_firmware530s-14iwl_firmwarethinkpad_x1_carbon_firmwarerescuer_y7000p\(1060\)_firmwarelegion_c730-19icothinkcentre_m4500q_firmwarethinkpad_e580_firmwareaio520-24iku_firmwarem4550_id_firmware530s-15ikbthinkpad_t570thinkpad_l560ideacentre_510-15icb_firmwarethinkcentre_m6600tthinkpad_t590yoga_11e_4th_gen_firmwarethinkpad_t550xiaoxin-14_2019iwlthinkpad_x1_tabletwei5-14ikbxiaoxin-14_2019iwl_firmwarethinkpad_t450sqt_a7400_firmwarev130-15ikbthinkcentre_m73yangtian_ws_h81rescuer_y7000yoga_s730-13iwl_firmwarev530-22icb\(yt_s4350\)thinkstation_p310_firmwareaio520-22ikuthinkpad_tablet_8thinkcentre_e96z_firmwarethinkpad_l390_yoga_firmwaree52-80yangtian_mc_h110thinkpad_x270k43c-80thinkpad_l580_firmwarev510-15ikbthinkcentre_m715qyoga_520-14ikbh50-30g_desktop_firmwarethinkpad_p50s_firmwarelegion_y530-15ich\(1060\)_firmwareaio520-22ikl_firmwareideacentre_300s-11ishv320-15ikb_firmwarethinkpad_t440p_firmwarethinkpad_l470xiaoxin_air-14iwl_2019thinkpad_t440s_firmwarethinkpad_e570_firmwarethinkpad_s5_firmwareyogo_a940-27icb_firmwarethinkpad_t440pideacentre_310s-08asr_firmwarethinkcentre_m9350zthinkpad_tablet_10a340-22_iwllegion_y9000k_2019thinkpad_x390_yoga_firmwareyoga_11e_4th_gen730s-13iwlthinkpad_l380thinkpad_t450_firmwarelegion_t530-28apr_firmwarethinkpad_x1_yoga_firmwarethinkpad_t590_firmwares340-14iwl_touchthinkpad_s1_yoga_firmwarethinkpad_x1_extremelegion_c530-19icbyangtian_wcc_h81_pcithinkpad_l490_firmwarethinkcentre_e73syoga530-14ikbthinkpad_x1_carbonthinkpad_e560_firmwarelegion_y7000p-1060_firmwarethinkpad_t460p_firmwarexiaoxin_air_14iwlthinkcentre_m8600s330-17ich_firmwarev310-15ikbxiaoxin-15_2019iwl_firmwarethinkpad_r490yangtian_mc_h81flex-15iwlaio_330-20ast_firmwareideacentre_510a-15icblegion_y730-17ich_firmwareyoga_11e_3rd_gen_firmwarethinkcentre_m710s_firmwarethinkpad_e590xiaoxin_air_14ikbrc340-15iwl_firmwarethinkcentre_m73_tinya340-22icbthinkcentre_e74s_firmwareyangtian_wc_h110_pcithinkpad_p1_firmwarethinkpad_s5_yoga_15v330-15igma340-22ast_firmwareqt_m410xiaoxin_air_15iwlthinkpad_yoga_11e_firmware330-14ikbryoga_730-13ikbv510-15ikb_firmwarev410z\(yt_s4250\)aio520-22iklthinkpad_l480_firmwarethinkpad_x380_yoga530s-15iwl_firmwarexiaoxin_air_13iwl_firmwareaio520-24ikurescuer_y7000pthinkpad_x131ethinkstation_p320rescuer_y7000p_firmwareqitian_4500thinkcentre_m93_firmwareyoga_730-13iwlv520t-15iklthinkcentre_m710t_firmwares340-14iwl_firmwareqitian_a815v510z_\(yt_s5250\)_firmwarethinksystem_hr650x_\(skl\)_firmwarethinkpad_l450qitian_m4650_firmwarethinkpad_t470s_firmwarethinkcentre_e73s_firmwareaio520-24ikl_firmwarezhaoyang_e53-80thinkpad_r590thinkpad_p50aio_520-24aste42-80_firmwarethinkcentre_m800_firmware530s-15ikb_firmwarethinkpad_p43s_\(20rx\)_firmwarev330-15ikbideacentre_310s-08igm_firmwarethinkcentre_m700tthinkpad_t440sqt_b415s340-15iwl_firmwareyangtian_we_h110_firmware330-15ikbflex_5-1570\(r\)thinkpad_p70_firmwarexx_chao5000-ikbra_firmwarethinkpad_13thinkpad_t470thinkcentre_m7300zs530-13iwl_firmwarethinkcentre_m700s_firmwarethinkcentre_e74lenovo_v720-14ikb_firmwarelegion_y530-15ich_firmwareyangtian_mc_h110_pciqitian_m4550330c-15ikbrthinkpad_e480v520s-08iklxiaoxin_air_14iwl_firmwarethinkpad_l380_yoga330-17ikbr_firmwarethinkpad_s3thinkcentre_m8600t_firmwarethinkcentre_m820z_firmware720s_touch-15ikblegion_y7000p-1060thinkpad_e470xiaoxin-14iwl_qc_2019720s-14ikbrthinkcentre_m4600t_firmwarerescuer_y7000_firmwarem4500yangtian_afh110a340-24_iwlthinkpad_helixflex_6-14ikbthinkpad_w550s_firmwarev320-17ikbrxiaoxin-15_2019iwlyangtian_mf_h110_pci_firmwareideacentre_700thinkcentre_m900z_firmwareideacentre_310s-08asr720s-15ikbthinkcentre_m83z_\(aio\)_firmwarethinkcentre_m720q_firmwarethinkcentre_m715sthinkpad_l460_firmwarethinkcentre_s510thinkpad_w541thinkcentre_m715q_rrthinkcentre_m700za340-22icb_firmwarethinkcentre_e95z_firmwarexiaoxin_air-15iwl_2019_firmwarethinkcentre_e96zthinkcentre_m818z_firmwarev530-22icb\(yt_s4350\)_firmwaremiix_720-12ikb_firmwarewei5-15ikbthinkpad_x240s_firmwarea340-24_iwl_firmwarethinkcentre_m715q_rr_firmwarethinkpad_l460yoga_520-14ikb_firmware510s-08ikl_firmwarethinkcentre_m710ea340-22ast330c-14ikb_firmwarev410z\(yt_s4250\)_firmwarethinkstation_p310thinkpad_s2_yoga_4th_genthinksystem_odc5200-cn650sthinkcentre_m4500sthinkpad_11ethinkstation_e32_firmwarethinkpad_t460pthinkpad_p1s340-15iwlthinkpad_x140elegion_y520t_z370_firmwareideacentre_510-15icbideacentre_510s-08ish340c-15ikbthinkpad_l380_yoga_firmwarethinkpad_x1_tablet_firmware530s-14ikb_firmwarev320-14ikb_firmwarethinkcentre_m920tthinkcentre_m715t_firmwarethinkpad_x390thinkcentre_m710tthinkpad_s540v520s-08ikl_firmwarethinkcentre_m720ty7000_2019_1050_firmwarev110-15ikb_firmwarelegion_t530-28apr_reflashlegion_c530-19icb_firmwares540-15iwll340-15irhideacentre_700_firmwareqt_m415_firmware340c-15iwlv130-15ikb_firmwarethinkpad_s3_firmwarexiaoxin_air-14iwl_2019_firmware330c-15ikbr_firmwarev310-14iskxiaoxin_tide_7000-15_u22thinkpad_s531_firmwarethinkpad_t490_firmwareqitian_b4650_firmwarev540-24iwl\(yt_s5430\)330-15ikbr_firmwarezhaoyang_k42-80_firmwarethinkpad_l390_yogayoga_730-15ikb_firmwareflex_6-1470aio520-24iklthinkpad_x240_firmwarethinkcentre_m4600s_firmwarethinkpad_l450_firmwarethinkcentre_m700z_firmwarethinkpad_13_firmwaremiix_720-12ikblegion_y740-17irhgxiaoxin_air-15iwl_2019thinkpad_l570_firmwarethinkpad_w540_firmwareflex-14iwlflex-15iwl_firmwareyangtian_mc_h110_pci_firmwarethinkpad_e550cthinkpad_e490sthinkcentre_e95zv330-15isklegion_t530-28icb_reflashwei5-15ikb_firmware330-17ikbthinkpad_s540_firmware330-17ichthinkcentre_m600_firmwarev730-15ikb_firmwarea340-24icbthinkcentre_m910q_firmwares340-15iwl_touch_firmwareqt_m410_firmwarethinkpad_s2_yoga_3rd_gen_firmwarethinkcentre_m910zs340-14iwl_touch_firmwarethinkcentre_m920sthinkcentre_m710q_firmwareqitian_4500_firmwarethinkpad_x390_yogathinkcentre_m818zqt_m415thinkcentre_m8600tthinkpad_s1_yogathinkpad_e560thinksystem_hr650x_\(skl\)yangtian_mf_h110_pcithinkcentre_m910qrescuer_y7000\(1060\)510s-08iklideacentre_720-18apr_firmwarethinkcentre_m720s340c-15iwl_firmwarethinkcentre_m90n-1_firmwarexiaoxin_air_15ikbr_firmwarethinkpad_p43s_\(20rx\)v330-15igm_firmware530s-14ikbyangtian_wcc_h81_pci_firmwarethinkcentre_m810zyangtian_afh81_firmwarethinkcentre_m9500zthinkpad_x131e_firmwarethinkcentre_m810z_firmwareflex_6-1470_firmwarev510z_\(yt_s5250\)m4550_idv330-14ikbthinkpad_e480_firmwareflex_6-14ikb_firmwarethinkstation_p300thinkcentre_m6600yangtian_me_h110_firmwarel340-15iwl330-14ikbr_firmwareyangtian_wf_h110_pcithinkpad_t540pthinkcentre_m6600sthinkpad_t540p_firmwarelegion_y530-15ich\(1060\)thinkpad_t460_firmwarethinkpad_t460s_firmwarethinkstation_p330330-17ikbrl340-17iwl_firmwarethinkcentre_m700qthinkpad_x270_firmware63_firmwarethinkpad_s2_yoga_3rd_genthinkcentre_m6500sthinkcentre_m8500s_firmwarethinkpad_l490aio520-24arr330-15ichxiaoxin_tide_7000-15_u22_firmwarethinkpad_p71_firmware330c-15ikb_firmwareqitian_b4650thinkpad_l590_firmwarethinkcentre_e75tthinkcentre_m4500qs145-15iwl_firmwarexiaoxin_air_15iwl_firmwareqitian_a815_firmwareyta8900f_firmwarethinkpad_x260s145-15iwlthinkcentre_m910tthinkpad_x250_firmware530s-15iwl330c-15ikbthinkpad_yoga_260-s1thinkcentre_e75t_firmwarethinkstation_p330_firmwarethinkpad_s5_2nd_generation_firmwareaio_330-20igmaio520-27ikl_firmwaree52-80_firmwarethinkcentre_m920qthinkpad_p50_firmwarethinkpad_s3_3rd_gen_firmwarethinkcentre_m4500s_firmwarethinkcentre_m720t_firmwarethinkpad_x260_firmwarelegion_y730-15ichthinkpad_e590_firmwarezhaoyang_e53-80_firmwarethinkstation_p320_tinythinkcentre_m800thinkpad_t450thinkcentre_m800zthinkcentre_m900yangtian_mc_h110_firmwarethinkpad_t490thinkcentre_m93p_firmwarethinkpad_x280_firmwarethinkcentre_m93thinkpad_p73_firmwarethinkstation_p330_tiny_firmwares940-14iwllegion_y740-15ichg_firmwarethinkcentre_m8350zxiaoxin-14iwl_qc_2019_firmwareyoga_730-15iwl_firmwarel340-17iwls530-13iwlthinkcentre_m625qthinkpad_w550sthinkpad_l480thinkpad_e450_firmwarethinkpad_t460thinkpad_x390_firmware330-17ikb_firmwarethinkpad_r490_firmwares540-14iwls145-14ikbthinkpad_t440_firmwarethinkcentre_m8500tthinkcentre_m83z_\(aio\)thinkcentre_m93plegion_t530-28icb_firmware330-15ikbr_touch_firmwareideacentre_510a-15icb_firmwarexiaoxin_air_13iwlv320-17ikbr_firmwareideacentre_730s-24ikbflex-14iwl_firmwarev530-24icb\(yt_s5350\)xx_chao5000-ikbrathinkpad_10thinkcentre_m700q_firmwareyangtian_me_h110legion_y740-17ichg_firmwareqitian_b5900v310-15iskv530s-07icb63thinkpad_yoga_370yangtian_afq150aio520-24arr_firmwarev310-14ikb_firmwarek43c-80_firmware130-14ikbqitian_b4550thinkpad_e550c_firmwareideacentre_310s-08igmthinkpad_x140e_firmwareideacentre_300-20ish_firmwarethinkstation_p330_tinyyangtian_mf_h81_pci_firmwarea340-24icb_firmwarethinkcentre_m9350z_firmwarethinkpad_x240legion_y740-17irhg_firmwarethinkcentre_m800z_firmwareyoga_730-15iwlthinkpad_t450s_firmwarethinkcentre_m9500z_firmwarexiaoxin_air_14ikbr_firmwarethinkcentre_m920s_firmwarethinkpad_p52s_firmwareideacentre_720-18icbthinkcentre_m920z_firmwarethinkpad_t550_firmwarethinkcentre_m4600sthinkcentre_e74sv510-14ikb_firmwarethinkcentre_m610thinkpad_s531thinkpad_yoga_260-s1_firmwareideacentre_300-20ishthinkpad_t25_firmwareyangtian_wf_h81_pcithinkcentre_m920xyangtian_ytm6900e-00_firmwares940-14iwl_firmwarethinkcentre_m90n-1m4500_id_firmwarethinkcentre_e73720s-14ikbr_firmwareflex_5-1570\(r\)_firmwarelegion_y740-15irhgthinkcentre_m6500tv330-15ikb_firmwarethinkcentre_m910xrescuer_y7000\(1060\)_firmwarethinkcentre_m6600s_firmwarethinkpad_p53sthinkpad_t480sthinkpad_w541_firmwarethinkpad_p51_firmwarethinkcentre_m910sl340-15iwl_firmwareyangtian_ms_h81_firmwarelegion_c730-19ico_firmwareqitian_m4600thinkpad_e460_firmwarethinkstation_p320_firmwarethinkpad_11e_firmwarethinkpad_l570thinkcentre_m6600q_firmware530s-14iwlthinkcentre_m8500t_firmwareyangtian_ms_h81thinkpad_s5_yoga_15_firmwarezhaoyang_e43-80_kblthinkcentre_m900zthinkpad_e450c_firmwareaio520-27iklthinkpad_t490s_firmwarethinkpad_x240sideacentre_510s-08ish_firmwaree42-80thinkpad_l580yogo_a940-27icbyangtian_tc_h110_pci_firmwarelegion_t730-28ico_firmwarethinkcentre_m8300z_firmwareyangtian_we_h110thinkpad_s5_2nd_generation130-15ikb510-15ikl_firmwarelegion_y730-17ichm4500_idthinkcentre_m725syangtian_ytm6900e-00v310-15isk_firmwarethinkpad_e490s_firmwarethinkpad_s5thinkpad_t470p_firmwarethinkcentre_m725s_firmwarelegion_t530-28apr_reflash_firmwarelegion_y9000k_2019_firmwarev540-24iwl\(yt_s5430\)_firmwareyoga_730-13ikb_firmwarethinkpad_e490_firmware730s-13iwl_firmwarev320-15ikbthinkpad_t560thinkcentre_m8300zs145-14iwlthinkpad_s1_3rd_firmwarethinksystem_hr630x_\(skl\)_firmwarexiaoxin_tide_7000-15_u42_firmwarelegion_y530-15ichthinkcentre_m700t_firmwarethinkstation_p320_tiny_firmwarethinkcentre_m83thinkpad_p50sthinkpad_p53_firmwarev330-15isk_firmwarethinkcentre_e74z_firmwarethinksystem_hr630x_\(skl\)v520t-15ikl_firmwarethinkpad_s1_3rdthinkcentre_x1_aio_firmwarethinkcentre_m4500k_firmwarexiaoxin_air_15ikbrthinkcentre_e75s_firmwarethinkpad_p51v510-14ikbthinkcentre_m610_firmwareqitian_m4550_firmwarev730-15ikbthinkpad_t490sl340-15iwltouch_firmwarethinkpad_p73thinkpad_e560pthinkcentre_m93z_\(aio\)_firmwares145-14iwl_firmwarev530-24icb\(yt_s5350\)_firmwarethinkcentre_m715tyangtian_wc_h110_pci_firmwarethinkpad_t470sthinkpad_p72thinkcentre_m910t_firmwarethinkpad_e450thinkpad_t470pthinkcentre_m710syangtian_afh81thinkcentre_m4500tthinkcentre_m910z_firmwarethinkpad_yoga_370_firmwarethinkpad_e550_firmwareyoga_730-15ikbthinkcentre_m715s_firmwareaio520-22iku_firmwarethinkpad_t480thinkstation_e32thinkcentre_m600yangtian_tc_h110_pciThinkPad T470pThinkPad T460p
CVE-2019-6177
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-7.8||HIGH
EPSS-1.08% / 61.27%
||
7 Day CHG~0.00%
Published-21 Aug, 2019 | 19:55
Updated-16 Sep, 2024 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that customers migrate to Lenovo Vantage or Lenovo Diagnostics in April 2018.

Action-Not Available
Vendor-Lenovo Group Limited
Product-solution_centerSolution Center
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-5638
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-100.00% / 99.99%
||
7 Day CHG~0.00%
Published-11 Mar, 2017 | 02:11
Updated-21 Apr, 2026 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

Action-Not Available
Vendor-HP Inc.Aruba NetworksNetApp, Inc.Oracle CorporationThe Apache Software FoundationLenovo Group LimitedIBM Corporation
Product-storwize_v3500_firmwareweblogic_serverstorwize_v7000storage_v5030strutsstorwize_v7000_firmwarestorwize_v5000storage_v5030_firmwareoncommand_balanceclearpass_policy_managerstorwize_v3500storwize_v5000_firmwareserver_automationApache StrutsStruts
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2017-3774
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-9.8||CRITICAL
EPSS-1.29% / 67.00%
||
7 Day CHG~0.00%
Published-19 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. An attacker providing a crafted user ID and password combination can cause a portion of the authentication routine to overflow its stack, resulting in stack corruption.

Action-Not Available
Vendor-IBM CorporationLenovo Group Limited
Product-system_x3650_m5bladecenter_hs23eflex_system_x480_m4system_x3630_m4bladecenter_hs22system_x3550_m5flex_system_x280_x6nextscale_nx360_m4nextscale_nx360_m5bladecenter_hs23system_x3300_m4system_x3250_m5system_x3650_m4_hdsystem_x3250_m4system_x3250_m6flex_system_x280_m4system_x3850_x6system_x3550_m4flex_system_x880idataplex_dx360_m4system_x3950_x6system_x3650_m4_bdsystem_x3750_m4flex_system_x880_m4flex_system_x222_m4system_x3500_m5flex_system_x220_m4flex_system_x240_m5flex_system_x480_x6system_x3100_m5system_x3500_m4system_x3530_m4system_x3100_m4idataplex_dx360_m4_water_cooledflex_system_x440_m4system_x3650_m4flex_system_x240_m4integrated_management_module_2IMM2
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17833
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.89% / 89.07%
||
7 Day CHG~0.00%
Published-23 Apr, 2018 | 18:00
Updated-05 Aug, 2024 | 21:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.

Action-Not Available
Vendor-openslpn/aCanonical Ltd.Red Hat, Inc.Lenovo Group LimitedDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxthinkserver_rd450thinkserver_rd450xthinkserver_rd450_firmwarethinkserver_sd350enterprise_linux_server_eusenterprise_linux_server_austhinksystem_hr630xthinkserver_rd640fan_power_controllerflex_system_fc3171_8gb_san_switch_firmwarethinkserver_td340thinkserver_rq750_firmwarethinkserver_rd540thinkserver_rd350x_firmwarethinkserver_rd350xbm_nextscale_fan_power_controllerthinkserver_rd350_firmwarethinkserver_rd340thinkserver_rd350enterprise_linux_workstationthinkserver_rd440thinkserver_rd540_firmwarethinkserver_rd450x_firmwarethinkserver_rd350g_firmwarethinkserver_rd340_firmwarethinkserver_rq750thinkserver_sd350_firmwarestorage_n4610thinkserver_rd650enterprise_linux_desktopthinkserver_rd650_firmwarethinkserver_rd350gcmmthinkserver_rs160thinksystem_sr630thinksystem_sr630_firmwarethinkserver_rs160_firmwarethinkserver_td350_firmwarethinkserver_ts460flex_system_fc3171_8gb_san_switchstorage_n3310thinkserver_rd640_firmwareimm1thinksystem_hr630x_firmwareopenslpimm2thinkserver_rd550_firmwarethinkserver_td350debian_linuxxclarity_administratorthinkserver_ts460_firmwarethinkserver_td340_firmwarethinkserver_rd440_firmwarethinksystem_hr650xenterprise_linux_server_tusstorage_n4610_firmwarestorage_n3310_firmwarethinksystem_hr650x_firmwarethinkserver_rd550n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2026-16126
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-18 Jul, 2026 | 15:45
Updated-18 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
zevorn rt-claw Swarm RPC Receiver swarm.c handle_rpc_request authorization

A vulnerability was determined in zevorn rt-claw up to 0.2.0. The impacted element is the function handle_rpc_request of the file claw/services/swarm/swarm.c of the component Swarm RPC Receiver. This manipulation causes incorrect authorization. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.

Action-Not Available
Vendor-zevorn
Product-rt-claw
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-2345
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.51% / 40.16%
||
7 Day CHG~0.00%
Published-27 Apr, 2023 | 14:00
Updated-30 Jan, 2025 | 20:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Service Provider Management System improper authorization

A vulnerability was found in SourceCodester Service Provider Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=delete_inquiry. The manipulation leads to improper authorization. The attack may be launched remotely. The identifier of this vulnerability is VDB-227588.

Action-Not Available
Vendor-oretnom23SourceCodester
Product-service_provider_management_systemService Provider Management System
CWE ID-CWE-285
Improper Authorization
CVE-2023-22480
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.3||HIGH
EPSS-66.77% / 99.21%
||
7 Day CHG~0.00%
Published-14 Jan, 2023 | 00:03
Updated-10 Mar, 2025 | 21:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
KubeOperator is vulnerable to unauthorized access to system API

KubeOperator is an open source Kubernetes distribution focused on helping enterprises plan, deploy and operate production-level K8s clusters. In KubeOperator versions 3.16.3 and below, API interfaces with unauthorized entities and can leak sensitive information. This vulnerability could be used to take over the cluster under certain conditions. This issue has been patched in version 3.16.4.

Action-Not Available
Vendor-KubeOperator (FIT2CLOUD Inc.)FIT2CLOUD Inc.
Product-kubeoperatorKubeOperator
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-7663
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.26% / 17.34%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 19:16
Updated-02 Jul, 2026 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Cross-User MCP Resource Access and Tool Execution via Streamable Transport Authorization Bypass

IBM Langflow OSS 1.0.0 through 1.9.6 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint.

Action-Not Available
Vendor-langflowIBM Corporation
Product-langflowLangflow OSS
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-12782
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.72% / 49.81%
||
7 Day CHG+0.01%
Published-19 Dec, 2024 | 12:31
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fujifilm Business Innovation Apeos C3070/Apeos C5570/Apeos C6580 Web Interface index.html#hashHome improper authorization

A vulnerability has been found in Fujifilm Business Innovation Apeos C3070, Apeos C5570 and Apeos C6580 up to 24.8.28 and classified as critical. This vulnerability affects unknown code of the file /home/index.html#hashHome of the component Web Interface. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor explains that "during technical verification it is not possible to reproduce any active actions like reboots which were mentioned in the original researcher disclosure."

Action-Not Available
Vendor-Fujifilm Business Innovation
Product-Apeos C6580Apeos C3070Apeos C5570
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CVE-2021-35964
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.3||HIGH
EPSS-1.08% / 61.49%
||
7 Day CHG~0.00%
Published-19 Jul, 2021 | 11:55
Updated-16 Sep, 2024 | 23:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Learningdigital.com, Inc. Orca HCM - Broken Authentication

The management page of the Orca HCM digital learning platform does not perform identity verification, which allows remote attackers to execute the management function without logging in, access members’ information, modify and delete the courses in system, thus causing users fail to access the learning content.

Action-Not Available
Vendor-learningdigitalLearningdigital.com, Inc.
Product-orca_hcmOrca HCM
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-287
Improper Authentication
CVE-2026-7644
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.31% / 22.87%
||
7 Day CHG~0.00%
Published-02 May, 2026 | 15:00
Updated-05 May, 2026 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ChatGPTNextWeb NextChat actions.ts addMcpServer improper authorization

A vulnerability has been found in ChatGPTNextWeb NextChat up to 2.16.1. Affected is the function addMcpServer of the file app/mcp/actions.ts. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Action-Not Available
Vendor-ChatGPTNextWeb
Product-NextChat
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CVE-2026-7505
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.38% / 30.36%
||
7 Day CHG~0.00%
Published-30 Apr, 2026 | 22:00
Updated-01 May, 2026 | 21:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
nextlevelbuilder GoClaw/GoClaw Lite RPC improper authorization

A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading to version 3.9.0 mitigates this issue. Patch name: 406022e79f4a18b3070a446712080571eff11e30. You should upgrade the affected component.

Action-Not Available
Vendor-nextlevelbuilder
Product-GoClawGoClaw Lite
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CVE-2016-4531
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-8.22% / 94.25%
||
7 Day CHG~0.00%
Published-28 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-factorytalk_energrymetrixn/a
CWE ID-CWE-285
Improper Authorization
CVE-2026-6977
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.28% / 19.79%
||
7 Day CHG~0.00%
Published-25 Apr, 2026 | 10:15
Updated-27 Apr, 2026 | 13:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
vanna-ai vanna Legacy Flask API improper authorization

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-vanna-ai
Product-vanna
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CVE-2026-6105
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.31% / 22.87%
||
7 Day CHG~0.00%
Published-11 Apr, 2026 | 22:00
Updated-24 Apr, 2026 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
perfree go-fastdfs-web doInstall InstallController.java improper authorization

A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall Interface. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-perfree
Product-go-fastdfs-web
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CVE-2016-10734
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.54% / 72.20%
||
7 Day CHG~0.00%
Published-28 Oct, 2018 | 03:00
Updated-06 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php.

Action-Not Available
Vendor-projectsendn/a
Product-projectsendn/a
CWE ID-CWE-285
Improper Authorization
CVE-2026-5642
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.28% / 20.39%
||
7 Day CHG~0.00%
Published-06 Apr, 2026 | 09:30
Updated-27 Apr, 2026 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cyber-III Student-Management-System HTTP POST Request update.php improper authorization

A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown function of the file /viva/update.php of the component HTTP POST Request Handler. This manipulation of the argument Name causes improper authorization. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The project was informed of the problem early through an issue report but has not responded yet.

Action-Not Available
Vendor-Cyber-III
Product-Student-Management-System
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CVE-2021-32688
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-2.31% / 81.43%
||
7 Day CHG~0.00%
Published-12 Jul, 2021 | 13:45
Updated-03 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Application specific tokens can change their own scope

Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server supports application specific tokens for authentication purposes. These tokens are supposed to be granted to a specific applications (e.g. DAV sync clients), and can also be configured by the user to not have any filesystem access. Due to a lacking permission check, the tokens were able to change their own permissions in versions prior to 19.0.13, 20.0.11, and 21.0.3. Thus fileystem limited tokens were able to grant themselves access to the filesystem. The issue is patched in versions 19.0.13, 20.0.11, and 21.0.3. There are no known workarounds aside from upgrading.

Action-Not Available
Vendor-Fedora ProjectNextcloud GmbH
Product-fedoranextcloud_serversecurity-advisories
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-552
Files or Directories Accessible to External Parties
CVE-2021-32619
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.11% / 62.33%
||
7 Day CHG~0.00%
Published-28 May, 2021 | 21:00
Updated-03 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Static imports inside dynamically imported modules do not adhere to permission checks

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically importing other modules. The vulnerability has been patched in Deno release 1.10.2.

Action-Not Available
Vendor-denodenoland
Product-denodeno
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-53895
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.59% / 44.27%
||
7 Day CHG+0.02%
Published-16 Dec, 2025 | 17:06
Updated-15 Jul, 2026 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PimpMyLog 1.7.14 Improper Access Control via Account Creation Endpoint

PimpMyLog 1.7.14 contains an improper access control vulnerability that allows remote attackers to create admin accounts without authorization through the configuration endpoint. Attackers can exploit the unsanitized username field to inject malicious JavaScript, create a hidden backdoor account, and potentially access sensitive server-side log information and environmental variables.

Action-Not Available
Vendor-potskyPimpmylog
Product-pimp_my_logPimpMyLog
CWE ID-CWE-285
Improper Authorization
CVE-2021-3044
Matching Score-4
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Palo Alto Networks, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.41% / 69.57%
||
7 Day CHG~0.00%
Published-22 Jun, 2021 | 17:15
Updated-16 Sep, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cortex XSOAR: Unauthorized Usage of the REST API

An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API. This issue impacts: Cortex XSOAR 6.1.0 builds later than 1016923 and earlier than 1271064; Cortex XSOAR 6.2.0 builds earlier than 1271065. This issue does not impact Cortex XSOAR 5.5.0, Cortex XSOAR 6.0.0, Cortex XSOAR 6.0.1, or Cortex XSOAR 6.0.2 versions. All Cortex XSOAR instances hosted by Palo Alto Networks are upgraded to resolve this vulnerability. No additional action is required for these instances.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-cortex_xsoarCortex XSOAR
CWE ID-CWE-285
Improper Authorization
CVE-2021-31384
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-1.12% / 62.61%
||
7 Day CHG~0.00%
Published-19 Oct, 2021 | 18:17
Updated-16 Sep, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: SRX Series: Under a specific device configuration an attacker can access the devices J-Web management services from any interface, regardless of security settings protecting the service

Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on SRX Series whereby an attacker who attempts to access J-Web administrative interfaces can successfully do so from any device interface regardless of the web-management configuration and filter rules which may otherwise protect access to J-Web. This issue affects: Juniper Networks Junos OS SRX Series 20.4 version 20.4R1 and later versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-srx5400srx5800srx4200srx550srx300srx5600junossrx4100srx4600srx1500Junos OS
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-551
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
CWE ID-CWE-1220
Insufficient Granularity of Access Control
CWE ID-CWE-939
Improper Authorization in Handler for Custom URL Scheme
CVE-2025-3918
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 38.33%
||
7 Day CHG~0.00%
Published-03 May, 2025 | 01:43
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Job Listings 0.1 - 0.1.1 - Unauthenticated Privilege Escalation via register_action Function

The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action() function in versions 0.1 to 0.1.1. The plugin’s registration handler reads the client-supplied $_POST['user_role'] and passes it directly to wp_insert_user() without restricting to a safe set of roles. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.

Action-Not Available
Vendor-nootheme
Product-Job Listings
CWE ID-CWE-285
Improper Authorization
CVE-2025-30392
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.88% / 55.02%
||
7 Day CHG~0.00%
Published-30 Apr, 2025 | 17:14
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure AI Bot Elevation of Privilege Vulnerability

Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_ai_bot_serviceAzure AI Bot Service
CWE ID-CWE-285
Improper Authorization
CVE-2021-28799
Matching Score-4
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-4
Assigner-QNAP Systems, Inc.
CVSS Score-10||CRITICAL
EPSS-78.25% / 99.53%
||
7 Day CHG-0.15%
Published-13 May, 2021 | 02:55
Updated-03 Nov, 2025 | 15:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-21||Apply updates per vendor instructions.
Improper Authorization Vulnerability in HBS 3 (Hybrid Backup Sync)

An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to v3.0.210412 on QTS 4.3.6; versions prior to v3.0.210411 on QTS 4.3.4; versions prior to v3.0.210411 on QTS 4.3.3; versions prior to v16.0.0419 on QuTS hero h4.5.1; versions prior to v16.0.0419 on QuTScloud c4.5.1~c4.5.4. This issue does not affect: QNAP Systems Inc. HBS 2 . QNAP Systems Inc. HBS 1.3 .

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qutscloudqtshybrid_backup_syncquts_heroHBS 2HBS 3HBS 1.3Network Attached Storage (NAS)
CWE ID-CWE-285
Improper Authorization
CVE-2025-30389
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.7||HIGH
EPSS-0.71% / 49.37%
||
7 Day CHG~0.00%
Published-30 Apr, 2025 | 17:14
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Bot Framework SDK Elevation of Privilege Vulnerability

Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_ai_bot_serviceAzure AI Bot Service
CWE ID-CWE-285
Improper Authorization
CVE-2021-27663
Matching Score-4
Assigner-Johnson Controls
ShareView Details
Matching Score-4
Assigner-Johnson Controls
CVSS Score-8.2||HIGH
EPSS-1.67% / 74.17%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 16:37
Updated-17 Sep, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CEM Systems AC2000

A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Controls CEM Systems AC2000 10.1; 10.2; 10.3; 10.4; 10.5.

Action-Not Available
Vendor-johnsoncontrolsJohnson Controls
Product-ac2000ac2000_firmwareCEM Systems AC2000
CWE ID-CWE-285
Improper Authorization
CVE-2015-5463
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.03% / 78.87%
||
7 Day CHG~0.00%
Published-03 Apr, 2019 | 19:15
Updated-06 Aug, 2024 | 06:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI services) 9.5.3 and earlier allows remote attackers to (1) access data of other basic users through arbitrary SQL commands, (2) perform a horizontal and vertical privilege escalation, (3) cause a Denial of Service on global application, or (4) write/read/delete arbitrary files on server hosting the application.

Action-Not Available
Vendor-axiomsln/a
Product-axiomn/a
CWE ID-CWE-285
Improper Authorization
CVE-2025-29926
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.9||HIGH
EPSS-0.53% / 41.37%
||
7 Day CHG~0.00%
Published-19 Mar, 2025 | 17:40
Updated-13 May, 2025 | 13:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The WikiManager REST API allows any user to create wikis

XWiki Platform is a generic wiki platform. Prior to 15.10.15, 16.4.6, and 16.10.0, any user can exploit the WikiManager REST API to create a new wiki, where the user could become an administrator and so performs other attacks on the farm. Note that this REST API is not bundled in XWiki Standard by default: it needs to be installed manually through the extension manager. The problem has been patched in versions 15.10.15, 16.4.6 and 16.10.0 of the REST module.

Action-Not Available
Vendor-XWiki SAS
Product-xwikixwiki-platform
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-862
Missing Authorization
CVE-2025-29659
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.35% / 68.45%
||
7 Day CHG+0.10%
Published-21 Apr, 2025 | 00:00
Updated-23 Jun, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the "cmd" binary.

Action-Not Available
Vendor-yiiotn/a
Product-xy-3820xy-3820_firmwaren/a
CWE ID-CWE-285
Improper Authorization
CVE-2025-2360
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-3.77% / 88.71%
||
7 Day CHG~0.00%
Published-17 Mar, 2025 | 04:00
Updated-15 Jul, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-823G UPnP Service HNAP1 SetUpnpSettings improper authorization

A vulnerability classified as critical was found in D-Link DIR-823G 1.0.2B05_20181207. Affected by this vulnerability is the function SetUpnpSettings of the file /HNAP1/ of the component UPnP Service. The manipulation of the argument SOAPAction leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-823gdir-823g_firmwareDIR-823G
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CVE-2025-3199
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.58% / 43.65%
||
7 Day CHG~0.00%
Published-04 Apr, 2025 | 02:00
Updated-08 Dec, 2025 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ageerle ruoyi-ai API Interface SysModelController.java improper authorization

A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysModelController.java of the component API Interface. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.2 is able to address this issue. The name of the patch is c0daf641fb25b244591b7a6c3affa35c69d321fe. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-pandarobotageerle
Product-ruoyi_airuoyi-ai
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CVE-2025-3202
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.48% / 38.60%
||
7 Day CHG~0.00%
Published-04 Apr, 2025 | 02:31
Updated-26 Aug, 2025 | 01:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ageerle ruoyi-ai SysNoticeController.java improper authorization

A vulnerability classified as critical has been found in ageerle ruoyi-ai up to 2.0.0. Affected is an unknown function of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysNoticeController.java. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is 6382e177bf90cc56ff70521842409e35c50df32d. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-ageerleageerle
Product-ruoyi-airuoyi-ai
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CVE-2023-42491
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
ShareView Details
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
CVSS Score-8.8||HIGH
EPSS-0.64% / 46.49%
||
7 Day CHG~0.00%
Published-25 Oct, 2023 | 14:34
Updated-17 Sep, 2024 | 13:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
EisBaer Scada - CWE-285: Improper Authorization

EisBaer Scada - CWE-285: Improper Authorization

Action-Not Available
Vendor-busbaerEisBaer Scada
Product-eisbaer_scada EisBaer Scada
CWE ID-CWE-285
Improper Authorization
CVE-2025-2320
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.64% / 46.50%
||
7 Day CHG~0.00%
Published-14 Mar, 2025 | 22:00
Updated-22 Oct, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
274056675 springboot-openai-chatgpt User submit improper authorization

A vulnerability has been found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this vulnerability is the function submit of the file /api/blade-user/submit of the component User Handler. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-274056675274056675
Product-springboot-openai-chatgptspringboot-openai-chatgpt
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CVE-2019-13550
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-2.85% / 85.11%
||
7 Day CHG~0.00%
Published-18 Sep, 2019 | 20:52
Updated-04 Aug, 2024 | 23:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an attacker to disclose sensitive information, cause improper control of generation of code, which may allow remote code execution or cause a system crash.

Action-Not Available
Vendor-n/aAdvantech (Advantech Co., Ltd.)
Product-webaccessWebAccess
CWE ID-CWE-285
Improper Authorization
CVE-2025-31255
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.47% / 70.76%
||
7 Day CHG~0.00%
Published-15 Sep, 2025 | 22:34
Updated-02 Apr, 2026 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, watchOS 26. An app may be able to access sensitive user data.

Action-Not Available
Vendor-Apple Inc.
Product-tvoswatchosmacosiphone_osipadosmacOSwatchOSiOS and iPadOStvOS
CWE ID-CWE-285
Improper Authorization
CVE-2026-5842
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.31% / 23.31%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 04:30
Updated-24 Apr, 2026 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
decolua 9router Administrative API Endpoint api authorization

A security vulnerability has been detected in decolua 9router up to 0.3.47. The impacted element is an unknown function of the file /api of the component Administrative API Endpoint. The manipulation leads to authorization bypass. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 0.3.75 is sufficient to resolve this issue. It is suggested to upgrade the affected component.

Action-Not Available
Vendor-decolua
Product-9router
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2025-13806
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.41% / 33.10%
||
7 Day CHG~0.00%
Published-01 Dec, 2025 | 04:02
Updated-24 Feb, 2026 | 06:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
nutzam NutzBoot Transaction API EthModule.java improper authorization

A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Transaction API. The manipulation of the argument from/to/wei leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-nutzamnutzam
Product-nutzbootNutzBoot
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found