CVE-2018-16097 Information

Description

LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5 allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Reference

https://support.lenovo.com/us/en/solutions/LEN-23800

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

6.5