CVE-2022-34888

The Remote Mount feature can potentially be abused by valid, authenticated users to make connections to internal services that may not normally be accessible to users. Internal service access controls, as applicable, remain in effect.

Published: Jan 30, 2023
Updated: Apr 14, 2023
CVE: CVE-2022-34888
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-697

Affected Software
References

Software	From	Fixed in
lenovo / thinkagile_vx3331_firmware	-	1.80_afbt20n
lenovo / thinkagile_hx_enclosure_certified_node_firmware	-	5.20_tei3c8m
lenovo / thinkagile_hx1021_firmware	-	3.60_tei386m
lenovo / thinkagile_hx1320_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx1321_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx1520-r_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx1521-r_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx2320-e_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx2321_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx2720-e_firmware	-	5.20_tei3c8m
lenovo / thinkagile_hx3320_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx3321_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx3375_firmware	-	4.10_d8bt38l
lenovo / thinkagile_hx3376_firmware	-	4.10_d8bt38l
lenovo / thinkagile_hx3520-g_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx3521-g_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx3720_firmware	-	5.20_tei3c8m
lenovo / thinkagile_hx3721_firmware	-	5.20_tei3c8m
lenovo / thinkagile_hx5520_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx5520-c_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx5521_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx5521-c_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx7520_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx7521_firmware	-	8.40-cdi394n
lenovo / thinkagile_hx7820_firmware	-	2.50_psi346l
lenovo / thinkagile_hx7821_firmware	-	2.50_psi346l
lenovo / thinkagile_mx1020_firmware	-	3.60_tei386m.x
lenovo / thinkagile_mx3330-f_firmware	-	1.80_afbt20n
lenovo / thinkagile_mx3330-h_firmware	-	1.80_afbt20n
lenovo / thinkagile_mx3331-f_firmware	-	1.80_afbt20n
lenovo / thinkagile_mx3331-h_firmware	-	1.80_afbt20n
lenovo / thinkagile_mx3530_f_firmware	-	1.80_afbt20n
lenovo / thinkagile_mx3530-h_firmware	-	1.80_afbt20n
lenovo / thinkagile_mx3531-f_firmware	-	1.80_afbt20n
lenovo / thinkagile_mx3531_h_firmware	-	1.80_afbt20n
lenovo / thinkagile_mx1021_firmware	-	3.60_tei386m
lenovo / thinkagile_vx_1se_certified_node_firmware	-	5.20_tei3c8m
lenovo / thinkagile_vx_2u4n_firmware	-	5.20_tei3c8m
lenovo / thinkagile_vx_4u_firmware	-	2.50_psi346l
lenovo / thinkagile_vx1320_firmware	-	5.20_tei3c8m
lenovo / thinkagile_vx2320_firmware	-	8.40-cdi394n
lenovo / thinkagile_vx2330_firmware	-	1.80_afbt20n
lenovo / thinkagile_vx3320_firmware	-	8.40-cdi394n
lenovo / thinkagile_vx3330_firmware	-	1.80_afbt20n
lenovo / thinkagile_vx3520-g_firmware	-	8.40-cdi394n
lenovo / thinkagile_vx3530-g_firmware	-	1.80_afbt20n
lenovo / thinkagile_vx3720_firmware	-	5.20_tei3c8m
lenovo / thinkagile_vx5520_firmware	-	8.40-cdi394n
lenovo / thinkagile_vx5530_firmware	-	1.80_afbt20n
lenovo / thinkagile_vx7320_n_firmware	-	8.40-cdi394n
lenovo / thinkagile_vx7330_firmware	-	1.80_afbt20n
lenovo / thinkagile_vx7520_firmware	-	8.40-cdi394n
lenovo / thinkagile_vx7520_n_firmware	-	8.40-cdi394n
lenovo / thinkagile_vx7530_firmware	-	1.80_afbt20n
lenovo / thinkagile_vx7531_firmware	-	1.80_afbt20n
lenovo / thinkagile_vx7820_firmware	-	2.50_psi346l
lenovo / thinkedge_se450_firmware	-	1.10_usx304w
lenovo / thinkstation_p920_firmware	-	8.40-cdi394n
lenovo / thinksystem_sd530_firmware	-	5.20_tei3c8m
lenovo / thinksystem_sd630_v2_firmware	-	2.00_tgbt36o
lenovo / thinksystem_sd650_dwc_firmware	-	5.20_tei3c8m
lenovo / thinksystem_sd650_v2_firmware	-	2.00_tgbt36o
lenovo / thinksystem_sd650-n_v2_firmware	-	2.00_tgbt36o
lenovo / thinksystem_se350_firmware	-	3.60_tei386m
lenovo / thinksystem_sn550_firmware	-	5.20_tei3c8m
lenovo / thinksystem_sn550_v2_firmware	-	2.00_tgbt36o
lenovo / thinksystem_sn850_firmware	-	5.20_tei3c8m
lenovo / thinksystem_sr150_firmware	-	5.20_tei3c8m
lenovo / thinksystem_sr158_firmware	-	5.20_tei3c8m
lenovo / thinksystem_sr250_firmware	-	5.20_tei3c8m
lenovo / thinksystem_sr250_v2_firmware	-	1.96_tgbt34x
lenovo / thinksystem_sr258_firmware	-	5.20_tei3c8m
lenovo / thinksystem_sr258_v2_firmware	-	1.96_tgbt34x
lenovo / thinksystem_sr530_firmware	-	8.40-cdi394n
lenovo / thinksystem_sr550_firmware	-	8.40-cdi394n
lenovo / thinksystem_sr570_firmware	-	8.40-cdi394n
lenovo / thinksystem_sr590_firmware	-	8.40-cdi394n
lenovo / thinksystem_sr630_firmware	-	8.40-cdi394n
lenovo / thinksystem_sr630_v2_firmware	-	1.80_afbt20n
lenovo / thinksystem_sr645_firmware	-	4.10_d8bt38l
lenovo / thinksystem_sr650_firmware	-	8.40-cdi394n
lenovo / thinksystem_sr650_v2_firmware	-	1.80_afbt20n
lenovo / thinksystem_sr665_firmware	-	4.10_d8bt38l
lenovo / thinksystem_sr670_firmware	-	3.60_tei386m
lenovo / thinksystem_sr670_v2_firmware	-	2.00_tgbt36o
lenovo / thinksystem_sr850_firmware	-	5.20_tei3c8m
lenovo / thinksystem_sr850_v2_firmware	-	2.00_tgbt36o
lenovo / thinksystem_sr850p_firmware	-	3.60_tei386m
lenovo / thinksystem_sr860_firmware	-	5.20_tei3c8m
lenovo / thinksystem_sr860_v2_firmware	-	2.00_tgbt36o
lenovo / thinksystem_sr950_firmware	-	2.50_psi346l
lenovo / thinksystem_st250_firmware	-	5.20_tei3c8m
lenovo / thinksystem_st250_v2_firmware	-	1.96_tgbt34x
lenovo / thinksystem_st258_firmware	-	5.20_tei3c8m
lenovo / thinksystem_st258_v2_firmware	-	1.96_tgbt34x
lenovo / thinksystem_st550_firmware	-	8.40-cdi394n
lenovo / thinksystem_st650_v2_firmware	-	2.00_tgbt36o
lenovo / thinksystem_st658_v2_firmware	-	2.00_tgbt36o

https://support.lenovo.com/us/en/product_security/LEN-87734

Vulnerability Database

289,784

CVE-2022-34888