Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows unauthenticated users to retrieve information related to the current authentication configuration settings. Exposed settings relate to password lengths, expiration, and lockout configuration.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2018-20674 | Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows unauthenticated users to retrieve information related to the current authentication configuration settings. Exposed settings relate to password lengths, expiration, and lockout configuration. |
Fixes
Solution
Update to CMM v 2.0.0 or higher
Workaround
No workaround given by the vendor.
References
Link | Providers |
---|---|
https://support.lenovo.com/us/en/solutions/LEN-23806 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: lenovo
Published:
Updated: 2024-08-05T07:17:50.339Z
Reserved: 2018-03-27T00:00:00
Link: CVE-2018-9071

No data.

Status : Modified
Published: 2018-11-16T14:29:00.347
Modified: 2024-11-21T04:14:54.893
Link: CVE-2018-9071

No data.

No data.