Medium severity5.3NVD Advisory· Published Apr 28, 2023· Updated Jun 17, 2026
CVE-2023-29056
CVE-2023-29056
Description
A valid LDAP user, under specific conditions, will default to read-only permissions when authenticating into XCC. To be vulnerable, XCC must be configured to use an LDAP server for Authentication/Authorization and have the login permission attribute not defined.
Affected products
2- Range: Refer to Mitigation strategy section in LEN-118321
Patches
Vulnerability mechanics
References
1- support.lenovo.com/us/en/product_security/LEN-118321nvdVendor Advisory
News mentions
0No linked articles in our index yet.