CVE-2017-3744
Published Jun 20, 2017
Last updated 5 years ago
Overview
- Description
- In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands.
- Source
- psirt@lenovo.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-532
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:integrated_management_module_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9CA6D55A-5391-4B6F-A399-A0449A1EBD8B",
"versionEndIncluding": "4.9"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x240_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "783B2E41-3FC3-4E39-802F-546EC7AA12E6"
},
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x240_m5:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2D2CE7A5-1CEE-40C4-BE0E-573C28663A11"
},
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x280_x6:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1563A13F-2E56-4E83-9C16-68B2C81843DB"
},
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x440_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CC55C49B-2A5C-452C-8345-1C19A48FBB6E"
},
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x480_x6:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F86B6B27-0E42-47C1-B2D9-A6C5B1364D9A"
},
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x880:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "68ED17ED-BE60-4EE3-9599-C88C3C7A626C"
},
{
"criteria": "cpe:2.3:h:lenovo:nextscale_nx360_m5:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "723D2A74-F6F3-4C73-AFD9-CDAE930D0FB9"
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3250_m6:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D89A2206-7012-4938-9BE2-ACF014E3F3B2"
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3500_m5:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5FC3467C-3F00-4EE3-B40E-3AE7F93094DD"
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3550_m5:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "57A78B63-6588-4C40-BEBB-88C8DF467A18"
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3650_m5:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "145F0B3C-A945-443B-AB08-329F72358801"
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3750_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6A554CB8-7FE1-454D-8E3D-AA3EC80EEB90"
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3850_x6:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F70A2471-D476-4FB7-8D1F-FEE0E4BF460C"
},
{
"criteria": "cpe:2.3:h:lenovo:system_x3950_x6:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "25A3A89F-CB39-4E76-BC64-3C4F4788FB8C"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cx2200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CEA2F515-2E29-4478-AE61-9C513CC6901B"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cx4200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AC339542-79DA-45AB-B488-C99D1FEB8359"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_cx4600:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "987FB06B-F349-48D5-B46C-CF23BD6B6811"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:integrated_management_module_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "740F81FC-AD9F-4AA0-9A32-7363363B7AEC",
"versionEndIncluding": "6.19"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:bladecenter_hs22:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0E9180CC-F795-4B8D-B9BF-37488D352AC0"
},
{
"criteria": "cpe:2.3:h:ibm:bladecenter_hs23:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C010052B-1EBD-4129-9DCE-077575B8286A"
},
{
"criteria": "cpe:2.3:h:ibm:bladecenter_hs23e:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A5F02BE9-BA77-4DC2-AB7A-BF53FE3B7CA0"
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x220_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B6A0AABD-73B4-4311-9185-643DE173092E"
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x222_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "04CC2E42-2E9F-4C41-9A36-4A21C32F4CB9"
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x240_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "594B1D02-B6ED-4F9F-BAEC-313FFD1C17C4"
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x280_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "828C175A-0B5F-453D-A661-0AD955DB22C6"
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x440_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E5934364-CF52-411C-B13F-A8688A7BC0FE"
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x480_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3A17A8F8-F833-4F5E-A0ED-CF01B1ABAA9F"
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x880_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FC450128-EDFE-4BD3-A87F-946EED1E0E39"
},
{
"criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "29845B4B-04B8-4685-948F-4DD19C88D7AB"
},
{
"criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_water_cooled:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2C7EABA0-ADB1-4A9B-AB96-FF6BB5720C50"
},
{
"criteria": "cpe:2.3:h:ibm:nextscale_nx360_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9642CB05-D7EE-4AFA-A28F-A6E7961A57EA"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3100_m5:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8A58320C-8C0B-4819-838A-AE31F9BFC70E"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3250_m5:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "57E3BC19-4A70-4225-91E4-1DAE6C1986E7"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3300_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FD693FE0-9B91-4F52-AE89-C82ED55DE43C"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4_bd:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "967EE555-D0BF-4505-BB9D-0A7A92E94889"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "44DF5766-53F1-4AE8-AB8F-97C0F36215B7"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3850_x6:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C8ED74FB-C819-4BD9-9986-2588FCC2D308"
},
{
"criteria": "cpe:2.3:h:ibm:system_x3950_x6:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8DDB4836-D812-4818-AC08-38EABD56F3EF"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]