High severity7.0NVD Advisory· Published Jan 12, 2017· Updated May 6, 2026

CVE-2016-8221

Description

Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.

Affected products

Lenovo/Xclarity Administrator
cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:*
Range: <=1.1.1
Lenovo Group Ltd./XClarity Administrator (LXCA)v5
Range: 1.2.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.lenovo.com/us/en/product_security/LEN_10605nvdPatchVendor Advisory
www.securityfocus.com/bid/95417nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000