VYPR
Medium severity4.1NVD Advisory· Published Oct 25, 2023· Updated Jun 17, 2026

CVE-2023-4608

CVE-2023-4608

Description

An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command.

This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.

CVE-2023-4608 · Medium · VYPR