CVE-2019-6177
CRITICALLenovo Solution Center 03.12.003 - Exposure of Sensitive Information via Log File Misplacement
Title source: llmDescription
A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that customers migrate to Lenovo Vantage or Lenovo Diagnostics in April 2018.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://support.lenovo.com/solutions/LEN-27811
Scores
CVSS v3
9.8
EPSS
0.0022
EPSS Percentile
45.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-200
Status
published
Products (1)
lenovo/solution_center
03.12.003
Published
Aug 21, 2019
Tracked Since
Feb 18, 2026