CVE-2017-3763
MEDIUMLenovo XClarity Administrator < 1.3.2 - Unauthenticated Credential Exposure via File System Access
Title source: llmDescription
An attacker who obtains access to the location where the LXCA file system is stored may be able to access credentials of local LXCA accounts in LXCA versions earlier than 1.3.2.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://support.lenovo.com/us/en/product_security/LEN-16333
Scores
CVSS v3
6.7
EPSS
0.0005
EPSS Percentile
16.6%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (2)
lenovo/xclarity_administrator
< 1.3.1
Lenovo Group Ltd./Lenovo XClarity Administrator (LXCA)
Earlier than 1.3.2
Published
Sep 22, 2017
Tracked Since
Feb 18, 2026