VYPR
Unrated severityNVD Advisory· Published Nov 16, 2018· Updated Aug 5, 2024

CMM Security Vulnerability

CVE-2018-9073

Description

Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes a hardcoded encryption key to protect certain secrets. Possession of the key can allow an attacker that has already compromised the server to decrypt these secrets.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.