CVE-2018-16097

LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate.

Published: Nov 30, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-16097
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

CWEs:

CWE-434

Affected Software
References

Software	From	Fixed in
lenovo / xclarity_integrator	-	3.5
lenovo / xclarity_integrator	-	5.5

https://support.lenovo.com/us/en/solutions/LEN-23800

Vulnerability Database

290,206

CVE-2018-16097