CVE-2019-6157
22.04.2019, 16:29
In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes the web server's private key in the generated log file for support.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| lenovo | flex_system_x240_m4_firmware | 𝑥 < 5.30 |
| lenovo | flex_system_x240_m5_firmware | 𝑥 < 5.30 |
| lenovo | flex_system_x280_x6_firmware | 𝑥 < 5.30 |
| lenovo | flex_system_x440_m4_firmware | 𝑥 < 5.30 |
| lenovo | flex_system_x480_x6_firmware | 𝑥 < 5.30 |
| lenovo | flex_system_x880_firmware | 𝑥 < 5.30 |
| lenovo | nextscale_nx360_m5_firmware | 𝑥 < 5.30 |
| lenovo | system_x3250_m6_firmware | 𝑥 < 5.30 |
| lenovo | system_x3500_m5_firmware | 𝑥 < 5.30 |
| lenovo | system_x3550_m5_firmware | 𝑥 < 5.30 |
| lenovo | system_x3650_m5_firmware | 𝑥 < 5.30 |
| lenovo | system_x3750_m4_firmware | 𝑥 < 5.30 |
| lenovo | system_x3850_x6_firmware | 𝑥 < 5.30 |
| lenovo | system_x3950_x6_firmware | 𝑥 < 5.30 |
| ibm | bladecenter_hs22_firmware | 𝑥 < 7.20 |
| ibm | bladecenter_hs23_firmware | 𝑥 < 7.20 |
| ibm | bladecenter_hs23e_firmware | 𝑥 < 7.20 |
| ibm | flex_system_x220_m4_firmware | 𝑥 < 7.20 |
| ibm | flex_system_x222_m4_firmware | 𝑥 < 7.20 |
| ibm | flex_system_x240_m4_firmware | 𝑥 < 7.20 |
| ibm | flex_system_x280_m4_firmware | 𝑥 < 7.20 |
| ibm | flex_system_x440_m4_firmware | 𝑥 < 7.20 |
| ibm | flex_system_x480_m4_firmware | 𝑥 < 7.20 |
| ibm | flex_system_x880_m4_firmware | 𝑥 < 7.20 |
| ibm | idataplex_dx360_m4_firmware | 𝑥 < 7.20 |
| ibm | idataplex_dx360_m4_water_cooled_firmware | 𝑥 < 7.20 |
| ibm | nextscale_nx360_m4_firmware | 𝑥 < 7.20 |
| ibm | system_x3100_m4_firmware | 𝑥 < 7.20 |
| ibm | system_x3100_m5_firmware | 𝑥 < 7.20 |
| ibm | system_x3250_m4_firmware | 𝑥 < 7.20 |
| ibm | system_x3250_m5_firmware | 𝑥 < 7.20 |
| ibm | system_x3300_m4_firmware | 𝑥 < 7.20 |
| ibm | system_x3500_m4_firmware | 𝑥 < 7.20 |
| ibm | system_x3530_m4_firmware | 𝑥 < 7.20 |
| ibm | system_x3550_m4_firmware | 𝑥 < 7.20 |
| ibm | system_x3630_m4_firmware | 𝑥 < 7.20 |
| ibm | system_x3650_m4_firmware | 𝑥 < 7.20 |
| ibm | system_x3650_m4_bd_firmware | 𝑥 < 7.20 |
| ibm | system_x3650_m4_hd_firmware | 𝑥 < 7.20 |
| ibm | system_x3750_m4_firmware | 𝑥 < 7.20 |
| ibm | system_x3850_x6_firmware | 𝑥 < 7.20 |
| ibm | system_x3950_x6_firmware | 𝑥 < 7.20 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration