Unrated severityNVD Advisory· Published Nov 16, 2018· Updated Aug 5, 2024
CMM Security Vulnerability
CVE-2018-9073
Description
Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes a hardcoded encryption key to protect certain secrets. Possession of the key can allow an attacker that has already compromised the server to decrypt these secrets.
Affected products
2<2.0.0+ 1 more
- (no CPE)range: <2.0.0
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- support.lenovo.com/us/en/solutions/LEN-23806mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.