目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

CVE-2024-8279— Lenovo XClarity Controller 安全漏洞

CVSS 7.2 · High EPSS 0.44% · P63
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2024-8279の基本情報

脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
N/A
ソース: NVD (National Vulnerability Database)
脆弱性説明
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Lenovo XClarity Controller 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Lenovo XClarity Controller(Lenovo XCC)是中国联想(Lenovo)公司的一款服务器嵌入式管理引擎。主要用于标准化和自动化基础服务器管理任务。 Lenovo XClarity Controller存在安全漏洞,该漏洞源于通过特别构建的文件上传,可能允许具有提升权限的有效认证用户执行命令注入。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
LenovoHX5530 Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX7530 Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoST250 V3 (ThinkSystem) XCC 0 ~ 2.10 CTX312G -
LenovoVX3331 Certified Node (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX Enclosure Certified Node (ThinkAgile) XCC 0 ~ 6.36 TEI3F4A -
LenovoHX1021 Edge Certified Node 3yr (ThinkAgile) XCC 0 ~ 4.11 TEI3E4A -
LenovoHX1320 Appliance (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX1321 Certified Node (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX1331 Certified Node (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX1520-R Appliance (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX1521-R Certified Node (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX2320-E Appliance (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX2321 Certified Node (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX2330 Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX2331 Certified Node (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX2720-E Appliance (ThinkAgile) XCC 0 ~ 6.36 TEI3F4A -
LenovoHX3320 Appliance (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX3321 Certified Node (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX3330 Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX3331 Certified Node (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX3331 Node SAP HANA (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX3375 Appliance (ThinkAgile) XCC 0 ~ 5.61 D8BT64D -
LenovoHX3376 Certified Node (ThinkAgile) XCC 0 ~ 5.61 D8BT64D -
LenovoHX3520-G Appliance (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX3521-G Certified Node (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX3720 Appliance (ThinkAgile) XCC 0 ~ 6.36 TEI3F4A -
LenovoHX3721 Certified Node (ThinkAgile) XCC 0 ~ 6.36 TEI3F4A -
LenovoHX5520 Appliance (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX5520-C Appliance (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX5521 Certified Node (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX5521-C Certified Node (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX5531 Certified Node (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX7520 Appliance (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX7521 Certified Node (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoHX7530 Appl for SAP HANA (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX7531 Certified Node (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX7531 Node SAP HANA (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoHX7820 Appliance (ThinkAgile) XCC 0 ~ 3.11 PSI354A -
LenovoHX7821 Certified Node (ThinkAgile) XCC 0 ~ 3.11 PSI354A -
LenovoMX Edge Appliance - MX1020 (ThinkAgile) XCC 0 ~ 4.11 TEI3E4A -
LenovoMX3330-F All-flash Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoMX3330-H Hybrid Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoMX3331-F All-flash Certified node (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoMX3331-H Hybrid Certified node (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoMX3530 F All flash Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoMX3530-H Hybrid Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoMX3531 H Hybrid Certified node (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoMX3531-F All-flash Certified node (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoP920 Rack Workstation (ThinkStation) XCC 0 ~ 9.97 CDI3B4B -
LenovoSD530 (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoSD530 V3 (ThinkSystem) XCC 0 ~ 1.20 USX352 -
LenovoSD550 V3 (ThinkSystem) XCC 0 ~ 1.20 USX352 -
LenovoSD630 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoSD650 DWC Dual Node Tray (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoSD650 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoSD650 V3 (ThinkSystem) XCC 0 ~ 6.10 USX350G -
LenovoSD650-N V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoSD665 V3 (ThinkSystem) XCC 0 ~ 6.10 QGX340J -
LenovoSE350 (ThinkSystem) XCC 0 ~ 4.11 TEI3E4A -
LenovoSE350 V2 (ThinkEdge) XCC 0 ~ 3.11 IYX328M -
LenovoSE360 V2 (ThinkEdge) XCC 0 ~ 3.11 IYX328M -
LenovoSE450 (ThinkEdge) XCC 0 ~ 3.11 USX332X -
LenovoSE455 V3 (ThinkEdge) XCC 0 ~ 3.10 MBX308L -
LenovoSN550 (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoSN550 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoSN850 (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoSR150 (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoSR158 (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoSR250 (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoSR250 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoSR250 V3 (ThinkSystem) XCC 0 ~ 2.10 CTX312G -
LenovoSR258 (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoSR258 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoSR258 V3 (ThinkSystem) XCC 0 ~ 2.10 CTX312G -
LenovoSR530 (ThinkSystem) XCC 0 ~ 9.97 CDI3B4B -
LenovoSR550 (ThinkSystem) XCC 0 ~ 9.97 CDI3B4B -
LenovoSR570 (ThinkSystem) XCC 0 ~ 9.97 CDI3B4B -
LenovoSR590 (ThinkSystem) XCC 0 ~ 9.97 CDI3B4B -
LenovoSR630 (ThinkSystem) XCC 0 ~ 9.97 CDI3B4B -
LenovoSR630 V2 (ThinkSystem) XCC 0 ~ 4.71 AFBT48C -
LenovoSR630 V3 (ThinkSystem) XCC 0 ~ 5.10 ESX330M -
LenovoSR635 V3 (ThinkSystem) XCC 0 ~ 3.20 KAX334O -
LenovoSR645 (ThinkSystem) XCC 0 ~ 5.61 D8BT64D -
LenovoSR645 V3 (ThinkSystem) XCC 0 ~ 3.20 KAX334O -
LenovoSR650 (ThinkSystem) XCC 0 ~ 9.97 CDI3B4B -
LenovoSR650 V2 (ThinkSystem) XCC 0 ~ 4.71 AFBT48C -
LenovoSR650 V3 (ThinkSystem) XCC 0 ~ 5.10 ESX330M -
LenovoSR655 V3 (ThinkSystem) XCC 0 ~ 3.20 KAX334O -
LenovoSR665 (ThinkSystem) XCC 0 ~ 5.61 D8BT64D -
LenovoSR665 V3 (ThinkSystem) XCC 0 ~ 3.20 KAX334O -
LenovoSR670 (ThinkSystem) XCC 0 ~ 4.11 TEI3E4A -
LenovoSR670 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoSR675 V3 (ThinkSystem) XCC 0 ~ 6.10 QGX340J -
LenovoSR850 (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoSR850 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoSR850 V3 (ThinkSystem) XCC 0 ~ 4.10 RSX312I -
LenovoSR850P (ThinkSystem) XCC 0 ~ 4.11 TEI3E4A -
LenovoSR860 (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoSR860 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoSR860 V3 (ThinkSystem) XCC 0 ~ 4.10 RSX312I -
LenovoSR950 (ThinkSystem) XCC 0 ~ 3.11 PSI354A -
LenovoSR950 V3 (ThinkSystem) XCC 0 ~ 3.10 EBX308I -
LenovoST250 (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoST250 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoST258 (ThinkSystem) XCC 0 ~ 6.36 TEI3F4A -
LenovoST258 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoST258 V3 (ThinkSystem) XCC 0 ~ 2.10 CTX312G -
LenovoST550 (ThinkSystem) XCC 0 ~ 9.97 CDI3B4B -
LenovoST650 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoST650 V3 (ThinkSystem) XCC 0 ~ 6.10 USX350G -
LenovoST658 V2 (ThinkSystem) XCC 0 ~ 4.11 TGBT50C -
LenovoST658 V3 (ThinkSystem) XCC 0 ~ 6.10 USX350G -
LenovoThinkAgile MX1021 on SE350 XCC 0 ~ 4.11 TEI3E4A -
LenovoVX 1SE Certified Node (ThinkAgile) XCC 0 ~ 6.36 TEI3F4A -
LenovoVX 2U4N Certified Node (ThinkAgile) XCC 0 ~ 6.36 TEI3F4A -
LenovoVX 4U Certified Node (ThinkAgile) XCC 0 ~ 3.11 PSI354A -
LenovoVX1320 (ThinkAgile) XCC 0 ~ 6.36 TEI3F4A -
LenovoVX2320 (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoVX2330 Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoVX3320 (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoVX3330 Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoVX3520-G (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoVX3530-G Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoVX3720 (ThinkAgile) XCC 0 ~ 6.36 TEI3F4A -
LenovoVX5520 (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoVX5530 Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoVX635 V3 Integrated System (ThinkAgile) XCC 0 ~ 3.20 KAX334O -
LenovoVX645 V3 Certified Node (ThinkAgile) XCC 0 ~ 3.20 KAX334O -
LenovoVX645 V3 Integrated System (ThinkAgile) XCC 0 ~ 3.20 KAX334O -
LenovoVX655 V3 Certified Node (ThinkAgile) XCC 0 ~ 3.20 KAX334O -
LenovoVX655 V3 Integrated System (ThinkAgile) XCC 0 ~ 3.20 KAX334O -
LenovoVX665 V3 Certified Node (ThinkAgile) XCC 0 ~ 3.20 KAX334O -
LenovoVX665 V3 Integrated System (ThinkAgile) XCC 0 ~ 3.20 KAX334O -
LenovoVX7320 N (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoVX7330 Appliance (Thinkagile) XCC 0 ~ 4.71 AFBT48C -
LenovoVX7520 (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoVX7520 N (ThinkAgile) XCC 0 ~ 9.97 CDI3B4B -
LenovoVX7530 Appliance (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoVX7531 Certified Node (ThinkAgile) XCC 0 ~ 4.71 AFBT48C -
LenovoVX7820 (ThinkAgile) XCC 0 ~ 3.11 PSI354A -

II. CVE-2024-8279の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2024-8279のインテリジェンス情報

登录查看更多情报信息。

Same Patch Batch · Lenovo · 2024-09-13 · 12 CVEs total

CVE-2024-82787.2 HIGHLenovo XClarity Controller 安全漏洞
CVE-2024-82807.2 HIGHLenovo XClarity Controller 安全漏洞
CVE-2024-82817.2 HIGHLenovo XClarity Controller 安全漏洞
CVE-2024-77566.8 MEDIUMLenovo ThinkPad 安全漏洞
CVE-2024-451016.8 MEDIUMLenovo XClarity Administrator 安全漏洞
CVE-2024-31006.7 MEDIUMLenovo Notebook 安全漏洞
CVE-2024-45506.7 MEDIUMLenovo ThinkSystem和Lenovo ThinkStation 安全漏洞
CVE-2024-451056.7 MEDIUMLenovo ThinkSystem 安全漏洞
CVE-2024-451046.3 MEDIUMLenovo XClarity Administrator 安全漏洞
CVE-2024-80594.3 MEDIUMLenovo XClarity Controller 安全漏洞
CVE-2024-451034.3 MEDIUMLenovo XClarity Administrator 安全漏洞

IV. 関連脆弱性

同じ製品: HX5530 Appliance (ThinkAgile) XCC
同じベンダー: Lenovo
同じ弱点: CWE-78

V. CVE-2024-8279へのコメント

まだコメントはありません

コメントを残す