Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2023-29058

A valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass message through the XCC CLI. There is no exposure if SSH is disabled or if there are no users assigned optional read-only permissions.

  • Published: Apr 28, 2023
  • Updated: May 9, 2023
  • CVE: CVE-2023-29058
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

No CWE or OWASP classifications available.

Software From Fixed in
lenovo / thinkagile_hx5530_firmware - 2.93_afbt30p
lenovo / thinkagile_hx7530_firmware - 2.93_afbt30p
lenovo / thinkagile_vx3331_firmware - 2.93_afbt30p
lenovo / thinkagile_hx_enclosure_firmware - 3.72_tei388s
lenovo / thinkagile_hx1021_firmware - 3.72_tei388s
lenovo / thinkagile_hx1320_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx1321_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx1331_firmware - 2.93_afbt30p
lenovo / thinkagile_hx1520-r_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx1521-r_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx2320-e_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx2321_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx2330_firmware - 2.93_afbt30p
lenovo / thinkagile_hx2330_firmware 2.93_afbt30p 2.93_afbt30p.x
lenovo / thinkagile_hx2331_firmware - 2.93_afbt30p
lenovo / thinkagile_hx2720-e_firmware - 3.72_tei388s
lenovo / thinkagile_hx3320_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx3321_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx3330_firmware - 2.93_afbt30p
lenovo / thinkagile_hx3331_firmware - 2.93_afbt30p
lenovo / thinkagile_hx3331_firmware - 4.71_d8bt48p
lenovo / thinkagile_hx3375_firmware - 4.71_d8bt48p
lenovo / thinkagile_hx3376_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx3520-g_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx3521-g_firmware - 3.72_tei388s
lenovo / thinkagile_hx3720_firmware - 3.72_tei388s
lenovo / thinkagile_hx3721_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx5520_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx5520-c_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx5521_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx5521-c_firmware - 2.93_afbt30p
lenovo / thinkagile_hx5531_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx7520_firmware - 8.88_cdi3a4a
lenovo / thinkagile_hx7521_firmware - 2.93_afbt30p
lenovo / thinkagile_hx7531_firmware - 2.93_afbt30p
lenovo / thinkagile_hx7531_firmware - 2.75_psi348s
lenovo / thinkagile_hx7820_firmware - 2.75_psi348s
lenovo / thinkagile_hx7821_firmware - 3.72_tei388s
lenovo / thinkagile_mx1020_firmware - 2.93_afbt30p
lenovo / thinkagile_mx3330-f_firmware - 2.93_afbt30p
lenovo / thinkagile_mx3330-h_firmware - 2.93_afbt30p
lenovo / thinkagile_mx3331-f_firmware - 2.93_afbt30p
lenovo / thinkagile_mx3331-h_firmware - 2.93_afbt30p
lenovo / thinkagile_mx3530_f_firmware - 2.93_afbt30p
lenovo / thinkagile_mx3530-h_firmware - 2.93_afbt30p
lenovo / thinkagile_mx3531_h_firmware - 2.93_afbt30p
lenovo / thinkagile_mx3531-f_firmware - 3.72_tei388s
lenovo / thinkagile_mx1021_on_se350_firmware - 3.72_tei388s
lenovo / thinkagile_vx_1se_firmware - 3.72_tei388s
lenovo / thinkagile_vx_2u4n_firmware - 3.72_tei388s
lenovo / thinkagile_vx_4u_firmware - 2.75_psi348s
lenovo / thinkagile_vx1320_firmware - 3.72_tei388s
lenovo / thinkagile_vx2320_firmware - 8.88_cdi3a4a
lenovo / thinkagile_vx2330_firmware - 2.93_afbt30p
lenovo / thinkagile_vx3320_firmware - 8.88_cdi3a4a
lenovo / thinkagile_vx3330_firmware - 2.93_afbt30p
lenovo / thinkagile_vx3520-g_firmware - 8.88_cdi3a4a
lenovo / thinkagile_vx3530-g_firmware - 2.93_afbt30p
lenovo / thinkagile_vx3720_firmware - 3.72_tei388s
lenovo / thinkagile_vx5520_firmware - 8.88_cdi3a4a
lenovo / thinkagile_vx5530_firmware - 2.93_afbt30p
lenovo / thinkagile_vx7320_n_firmware - 8.88_cdi3a4a
lenovo / thinkagile_vx7330_firmware - 2.93_afbt30p
lenovo / thinkagile_vx7520_firmware - 8.88_cdi3a4a
lenovo / thinkagile_vx7520_n_firmware - 8.88_cdi3a4a
lenovo / thinkagile_vx7530_firmware - 2.93_afbt30p
lenovo / thinkagile_vx7531_firmware - 2.93_afbt30p
lenovo / thinkagile_vx7820_firmware - 2.75_psi348s
lenovo / thinkedge_se450__firmware - 1.60_usx324o
lenovo / thinkstation_p920_firmware - 8.88_cdi3a4a
lenovo / thinksystem_sd530_firmware - 3.72_tei388s
lenovo / thinksystem_sd630_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_sd650_firmware - 3.72_tei388s
lenovo / thinksystem_sd650_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_sd650-n_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_se350_firmware - 3.72_tei388s
lenovo / thinksystem_sn550_firmware - 3.72_tei388s
lenovo / thinksystem_sn550_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_sn850_firmware - 3.72_tei388s
lenovo / thinksystem_sr150_firmware - 3.72_tei388s
lenovo / thinksystem_sr158_firmware - 3.72_tei388s
lenovo / thinksystem_sr250_firmware - 3.72_tei388s
lenovo / thinksystem_sr250_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_sr258_firmware - 3.72_tei388s
lenovo / thinksystem_sr258_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_sr530_firmware - 8.88_cdi3a4a
lenovo / thinksystem_sr550_firmware - 8.88_cdi3a4a
lenovo / thinksystem_sr570_firmware - 8.88_cdi3a4a
lenovo / thinksystem_sr590_firmware - 8.88_cdi3a4a
lenovo / thinksystem_sr630_firmware - 8.88_cdi3a4a
lenovo / thinksystem_sr630_v2_firmware - 2.93_afbt30p
lenovo / thinksystem_sr645_firmware - 4.71_d8bt48p
lenovo / thinksystem_sr645_v3_firmware - 4.71_d8bt48p
lenovo / thinksystem_sr650_firmware - 8.88_cdi3a4a
lenovo / thinksystem_sr650_v2_firmware - 2.93_afbt30p
lenovo / thinksystem_sr665_firmware - 4.71_d8bt48p
lenovo / thinksystem_sr665_v3_firmware - 4.71_d8bt48p
lenovo / thinksystem_sr670_firmware - 3.72_tei388s
lenovo / thinksystem_sr670_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_sr850_firmware - 3.72_tei388s
lenovo / thinksystem_sr850_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_sr850p_firmware - 3.72_tei388s
lenovo / thinksystem_sr860_firmware - 3.72_tei388s
lenovo / thinksystem_sr860_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_sr950_firmware - 2.75_psi348s
lenovo / thinksystem_st250_firmware - 3.72_tei388s
lenovo / thinksystem_st250_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_st258_firmware - 3.72_tei388s
lenovo / thinksystem_st258_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_st550_firmware - 8.88_cdi3a4a
lenovo / thinksystem_st650_v2_firmware - 2.60_tgbt42h
lenovo / thinksystem_st658_v2_firmware - 2.60_tgbt42h