← Back to CVEs
CVE-2019-6177
CRITICAL9.8
Description
A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that customers migrate to Lenovo Vantage or Lenovo Diagnostics in April 2018.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published8/21/2019
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
lenovo:solution_center
Weaknesses (CWE)
CWE-200
References
https://support.lenovo.com/solutions/LEN-27811(psirt@lenovo.com)
https://support.lenovo.com/solutions/LEN-27811(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.