Description
The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 allows remote attackers to cause a denial of service (web interface crash) via a malformed HTTP request during authentication.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/74197
Vendor Advisory x_refsource_confirm
http://support.lenovo.com/us/en/product_security/tsm_weak_pw
Scores
EPSS
0.0072
EPSS Percentile
72.7%
Details
CWE
CWE-20
Status
published
Products (1)
lenovo/thinkserver_system_manager_baseboard_management_controller_firmware
< 118.71532.
Published
Apr 16, 2015
Tracked Since
Feb 18, 2026