CVE-2017-3770

Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 where an authenticated user may be able to abuse certain web interface functionality to execute privileged commands within the underlying LXCA operating system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
lenovoxclarity_administrator
𝑥
≤ 1.3.1
𝑥
= Vulnerable software versions
References
https://support.lenovo.com/us/en/product_security/LEN-16333
https://support.lenovo.com/us/en/product_security/LEN-16333