Skip to main content

Chassis Management Module Firmware

2 CVEs product

Monthly

CVE-2018-9073 MEDIUM This Month

Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes a hardcoded encryption key to protect certain secrets. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Lenovo Authentication Bypass Chassis Management Module Firmware
NVD
CVSS 3.0
5.9
EPSS
0.5%
CVE-2018-9071 MEDIUM This Month

Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows unauthenticated users to retrieve information related to the current authentication configuration settings. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Lenovo Information Disclosure Chassis Management Module Firmware
NVD
CVSS 3.0
5.3
EPSS
1.0%
EPSS 1% CVSS 5.9
MEDIUM This Month

Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes a hardcoded encryption key to protect certain secrets. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Lenovo Authentication Bypass Chassis Management Module Firmware
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows unauthenticated users to retrieve information related to the current authentication configuration settings. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Lenovo Information Disclosure Chassis Management Module Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy