Thinksystem Sr670 V2 Firmware
CVE-2024-23591
LOW
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow
an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting. The server’s NIST SP 800-193-compliant Platform Firmware Resiliency (PFR) security subsystem significantly mitigates this issue.
AnalysisAI
ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-1269. ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting. The server’s NIST SP 800-193-compliant Platform Firmware Resiliency (PFR) security subsystem significantly mitigates this issue. Affected products include: Lenovo Thinksystem Sr670 V2 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
An authenticated XCC user can change permissions for any user through a crafted API command. Rated high severity (CVSS 8
A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined
A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API ca
A valid XCC user's local account permissions overrides their active directory permissions under specific configurations.
An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command
An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted AP
A valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the u
A valid LDAP user, under specific conditions, will default to read-only permissions when authenticating into XCC. Rated
A valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password u
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today