CVE-2016-8221 Information

Description

Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0 if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs) certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/95417 https://support.lenovo.com/us/en/product_security/LEN_10605

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.0