CVE-2017-3770

EUVD-2017-12887
Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 where an authenticated user may be able to abuse certain web interface functionality to execute privileged commands within the underlying LXCA operating system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
Affected Products (NVD)
VendorProductVersion
lenovoxclarity_administrator
𝑥
≤ 1.3.1
𝑥
= Vulnerable software versions
References
https://support.lenovo.com/us/en/product_security/LEN-16333
https://support.lenovo.com/us/en/product_security/LEN-16333