Lenovo System X3750 M4 Firmware

CPE Details

Lenovo System X3750 M4 Firmware
lenovo
system_x3750_m4_firmware
4.90
2018-11-08
17h50 +00:00
2018-11-08
17h50 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:lenovo:system_x3750_m4_firmware:4.90:*:*:*:*:*:*:*

Informations

Vendor

lenovo

Product

system_x3750_m4_firmware

Version

4.90

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-8332 2020-10-14 19h25 +00:00 A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected.
6.4
Medium
CVE-2019-6157 2019-04-22 15h21 +00:00 In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes the web server's private key in the generated log file for support.
7.5
High
CVE-2018-9085 2018-11-16 13h00 +00:00 A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors.
4.9
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.