mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
86 lines
2.5 KiB
JSON
86 lines
2.5 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "psirt@lenovo.com",
|
|
"ID" : "CVE-2018-16097",
|
|
"STATE" : "PUBLIC",
|
|
"TITLE" : "LXCI for VMware and LXCI for Microsoft System Center"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "LXCI for VMware",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"affected" : "<",
|
|
"version_value" : "5.5"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name" : "LXCI for Microsoft System Center",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"affected" : "<",
|
|
"version_value" : "3.5"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "Lenovo"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "file system modification"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "https://support.lenovo.com/us/en/solutions/LEN-23800",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://support.lenovo.com/us/en/solutions/LEN-23800"
|
|
}
|
|
]
|
|
},
|
|
"solution" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Update LXCI for VMware to version 5.5 or higher.\nUpdate LXCI for Microsoft System Center to version 3.5 or higher."
|
|
}
|
|
],
|
|
"source" : {
|
|
"advisory" : "LEN-23800",
|
|
"discovery" : "INTERNAL"
|
|
}
|
|
}
|