Security Advisory

CVE-2023-4606

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-24 20:25:09

Last updated 2024-09-11 18:24:50

Assigner lenovo

State PUBLISHED

Description

An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command. This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.

← Browse all CVEs View on cve.org ↗