VYPR

Thinkserver Td350

by Lenovo

CVEs (3)

  • CVE-2018-9086HigNov 16, 2018
    risk 0.47cvss 7.2epss 0.02

    In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.

  • CVE-2016-8106MedJan 9, 2017
    risk 0.39cvss 5.9epss 0.05

    A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.

  • CVE-2015-3322Apr 16, 2015
    risk 0.00cvss epss 0.01

    Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors.