CVE-2017-3763
MEDIUMLenovo XClarity Administrator < 1.3.2 - Unauthenticated Credential Exposure via File System Access
Title source: llmDescription
An attacker who obtains access to the location where the LXCA file system is stored may be able to access credentials of local LXCA accounts in LXCA versions earlier than 1.3.2.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://support.lenovo.com/us/en/product_security/LEN-16333
Scores
CVSS v3
6.7
EPSS
0.0032
EPSS Percentile
23.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (2)
lenovo/xclarity_administrator
< 1.3.1
Lenovo Group Ltd./Lenovo XClarity Administrator (LXCA)
Earlier than 1.3.2
Published
Sep 22, 2017
Tracked Since
Feb 18, 2026