{"containers": {"cna": {"affected": [{"product": "System x UEFI", "vendor": "Lenovo", "versions": [{"lessThan": "varies", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "System x UEFI", "vendor": "IBM", "versions": [{"lessThan": "varies", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2018-11-16T00:00:00", "descriptions": [{"lang": "en", "value": "A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors."}], "problemTypes": [{"descriptions": [{"description": "Denial of service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-11-16T13:57:01", "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.lenovo.com/us/en/solutions/LEN-24477"}], "solutions": [{"lang": "en", "value": "Update UEFI firmware"}], "source": {"advisory": "LEN-24477", "discovery": "INTERNAL"}, "title": "Missing System x Flash Memory Write Protection Lock Bit", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@lenovo.com", "ID": "CVE-2018-9085", "STATE": "PUBLIC", "TITLE": "Missing System x Flash Memory Write Protection Lock Bit"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "System x UEFI", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "varies"}]}}]}, "vendor_name": "Lenovo"}, {"product": {"product_data": [{"product_name": "System x UEFI", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "varies"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of service"}]}]}, "references": {"reference_data": [{"name": "https://support.lenovo.com/us/en/solutions/LEN-24477", "refsource": "CONFIRM", "url": "https://support.lenovo.com/us/en/solutions/LEN-24477"}]}, "solution": [{"lang": "en", "value": "Update UEFI firmware"}], "source": {"advisory": "LEN-24477", "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T07:17:50.596Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.lenovo.com/us/en/solutions/LEN-24477"}]}]}, "cveMetadata": {"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "assignerShortName": "lenovo", "cveId": "CVE-2018-9085", "datePublished": "2018-11-16T14:00:00", "dateReserved": "2018-03-27T00:00:00", "dateUpdated": "2024-08-05T07:17:50.596Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4615A750-2A3B-47B4-89EE-A3232E19CAF2", "versionEndExcluding": "a3e122b", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:flex_system_x240_m4:-:*:*:*:*:*:*:*", "matchCriteriaId": "783B2E41-3FC3-4E39-802F-546EC7AA12E6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBEEBA90-3902-48F4-AFF2-708C0F1732B6", "versionEndExcluding": "cge122b", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:flex_system_x440_m4:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC55C49B-2A5C-452C-8345-1C19A48FBB6E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:system_x3750_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "69B6C713-88F0-46FA-9BA0-A8990742BF56", "versionEndExcluding": "a5e124b", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:system_x3750_m4:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A554CB8-7FE1-454D-8E3D-AA3EC80EEB90", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:bladecenter_hs23_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAC299FF-82AF-4B45-8646-8EEA9A9A7EB6", "versionEndExcluding": "tke160c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:bladecenter:hs23:-:*:*:*:*:*:*", "matchCriteriaId": "F6EB37C6-274D-420A-A870-508105E94A09", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:bladecenter_hs23e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B02CA18F-9C74-4F42-8306-D41CAC6AF823", "versionEndExcluding": "ahe160c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:bladecenter:hs23e:-:*:*:*:*:*:*", "matchCriteriaId": "A6035D4E-3B1E-4882-AD00-622A5A14E428", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:flex_system_x220_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D4A9615-D41C-4D0E-B2F0-2F7193F4FB95", "versionEndExcluding": "kse158c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:flex_system_x220:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD06E939-3D9E-4254-B570-0C9D79E1A6EE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:flex_system_x222_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "386977A4-311D-48AE-BD40-17F1349F4912", "versionEndExcluding": "cce160c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:flex_system_x222_m4:-:*:*:*:*:*:*:*", "matchCriteriaId": "04CC2E42-2E9F-4C41-9A36-4A21C32F4CB9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D66C4AB-D69B-4D90-9F47-C590048582EE", "versionEndExcluding": "ahe160c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:flex_system_x240_m4:-:*:*:*:*:*:*:*", "matchCriteriaId": "594B1D02-B6ED-4F9F-BAEC-313FFD1C17C4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:flex_system_x280_x6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "348B1A1E-5617-4EA1-B562-5605EE463AFC", "versionEndExcluding": "n3e132w", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:flex_system_x280_x6:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F33B121-C777-4D32-B601-B32E3D240761", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC3C5FED-59D7-4EB9-BE2F-C0CB0266348D", "versionEndExcluding": "cne162d", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:flex_system_x440_m4:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5934364-CF52-411C-B13F-A8688A7BC0FE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:flex_system_x480_x6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1AFF5F6-2183-448D-A43E-9F13E6219E8D", "versionEndExcluding": "n3e132w", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:flex_system_x480_x6:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C2B5F19-EE82-4DA4-9ACD-505943C4EC8C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:flex_system_x880_x6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7656DBE9-CC1A-441D-95CA-2DC524ECEDE0", "versionEndExcluding": "n2e130e", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:flex_system_x880_x6:-:*:*:*:*:*:*:*", "matchCriteriaId": "5BED0E10-71B6-4323-96F5-B98D4FE7C7AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "088D5D83-67AB-43C4-BFC8-F80F86B24DAA", "versionEndExcluding": "fhe120d", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_:-:*:*:*:*:*:*:*", "matchCriteriaId": "10ECC957-AC46-4141-9587-2A61F5F0C8D4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_water_cooled_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "07F99BB6-2E71-44B0-8910-EE4945EAE096", "versionEndExcluding": "fhe120d", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_:-:*:*:*:*:*:*:*", "matchCriteriaId": "10ECC957-AC46-4141-9587-2A61F5F0C8D4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3100_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "075B4B38-E5F0-4B21-9F42-8571C2DE2710", "versionEndExcluding": "jqe184c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3100_m4:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A654AB-188E-47B2-8C6D-6EA5C824B75B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3100_m5_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DC44F64-B03F-4BF6-9D18-F800C95F486B", "versionEndExcluding": "j9e134c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3100_m5:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0CDF041-DA1B-4657-B86C-6509F3DA4415", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3250_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A9A0EF2-F0DF-46EB-BBE1-5CE2A9F346F2", "versionEndExcluding": "jqe184c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3250_m4:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5A1D29C-9491-4577-AB46-42924DB2B280", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3250_m5_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A9278E60-F61A-4BD6-974D-428F9328A97C", "versionEndExcluding": "jue134c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3250_m5:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD67192C-7833-40CB-9CCD-7ADBDC07BE47", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3300_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B251FABB-7A74-4A00-9A6A-E1D5010F789F", "versionEndExcluding": "yae156c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3300_m4:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB437E6F-4A5B-4335-B6C3-0C061D630DF0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3500_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC0AEA8A-4BC9-46FC-A939-A72A4C2FBE47", "versionEndExcluding": "y5e158c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3500_m4:*:*:*:*:*:*:*:*", "matchCriteriaId": "654187EE-51E9-4AC8-8563-9DD24BB97C5E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3530_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EADB7945-EE70-42C6-91B6-F593CC246F4A", "versionEndExcluding": "bee164c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3530_m4:*:*:*:*:*:*:*:*", "matchCriteriaId": "122C6446-D5A2-446F-89B7-FD6742A36CEC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3550_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B343AFD4-F139-41CF-9BA1-8CC81AC5F94D", "versionEndExcluding": "d7e166d", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3550_m4:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB7F4041-3E49-4C34-BCF1-E924690E7947", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3630_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B811AAAD-7526-45DB-9506-2DF80EADD2BD", "versionEndExcluding": "vve162c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3630_m4:*:*:*:*:*:*:*:*", "matchCriteriaId": "59A6CC3F-EC19-408C-996E-AF260289F81B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3650_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "73592E6B-511F-47DA-BE96-E485AB8B0C84", "versionEndExcluding": "vve160c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3650_m4:*:*:*:*:*:*:*:*", "matchCriteriaId": "A50E12D4-7631-4FF3-9390-BE1893468310", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3650_m4_bd_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED733CEF-494D-4770-8A9B-5AFDA89FC689", "versionEndExcluding": "vve160c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3650_m4_bd:*:*:*:*:*:*:*:*", "matchCriteriaId": "D37B42B3-A246-4C15-BC87-E821246EAF1D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3650_m4_hd_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D526F5A8-6411-445E-9EAA-29AD7AD98834", "versionEndExcluding": "vve160c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:*:*:*:*:*:*:*:*", "matchCriteriaId": "66850147-3473-4092-A79B-B42BFEC652FC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3750_m4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5FA3F56B-6163-4FEC-8BFC-8DC45928F175", "versionEndExcluding": "koe160c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3750_m4:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E2C1FAF-46C5-4FB0-AA16-FB731CF77944", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3850_x6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D289168-1A35-48DA-8CA2-38DA52046CB3", "versionEndExcluding": "a8e128c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3850_x6:*:*:*:*:*:*:*:*", "matchCriteriaId": "74A84455-9F94-4934-93ED-623BC81A1406", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:system_x3950_x6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E50A5B5-5EAF-41C2-8FFF-430F8D13AC22", "versionEndExcluding": "bee164c", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:system_x3950_x6:*:*:*:*:*:*:*:*", "matchCriteriaId": "D27C8F43-4900-4A12-9A99-D833DDD51B6E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors."}, {"lang": "es", "value": "Se ha dejado sin establecer un bit de bloqueo de protecci\u00f3n de escritura tras el arranque en una generaci\u00f3n m\u00e1s antigua de los servidores x de Lenovo y IBM System, lo que podr\u00eda permitir que un atacante con acceso de administrador modifique el subconjunto de memoria flash que contiene Intel SPS (Server Platform Services) y los descriptores flash del sistema."}], "id": "CVE-2018-9085", "lastModified": "2024-11-21T04:14:56.817", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-11-16T14:29:00.427", "references": [{"source": "psirt@lenovo.com", "tags": ["Vendor Advisory"], "url": "https://support.lenovo.com/us/en/solutions/LEN-24477"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.lenovo.com/us/en/solutions/LEN-24477"}], "sourceIdentifier": "psirt@lenovo.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}