Medium severity6.3NVD Advisory· Published May 1, 2023· Updated Jun 17, 2026
CVE-2023-25492
CVE-2023-25492
Description
A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API.
Affected products
2- Range: See product security advisory below
Patches
Vulnerability mechanics
References
1- support.lenovo.com/us/en/product_security/LEN-99936nvdVendor Advisory
News mentions
0No linked articles in our index yet.