VYPR

ThinkServer TSM

by Lenovo

CVEs (4)

  • CVE-2016-8236HigMar 3, 2017
    risk 0.49cvss 7.5epss 0.01

    Reset to default settings may occur in Lenovo ThinkServer TSM RD350, RD450, RD550, RD650, TD350 during a prolonged broadcast storm in TSM versions earlier than 3.77.

  • CVE-2016-8224MedNov 29, 2016
    risk 0.29cvss 4.4epss 0.00

    A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or…

  • CVE-2018-9086Nov 16, 2018
    risk 0.00cvss epss 0.02

    In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.

  • CVE-2015-3322Apr 16, 2015
    risk 0.00cvss epss 0.01

    Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors.