← Back

CVE-2015-3322

nvd nist
Published: Apr 16, 2015Modified: May 6, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors.

Affected (10)

Lenovo
10 products
Thinkserver Rd650 Firmware
Thinkserver Rd650
Thinkserver Td350 Firmware
Thinkserver Td350
Thinkserver Rd350 Firmware
Thinkserver Rd350
Thinkserver Rd550 Firmware
Thinkserver Rd550
Thinkserver Rd450 Firmware
Thinkserver Rd450
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Thinkserver Rd650 Firmware
Up to 1.25.0
Thinkserver Rd650
All versions
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Thinkserver Td350 Firmware
Up to 1.25.0
Thinkserver Td350
All versions
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Thinkserver Rd350 Firmware
Up to 1.25.0
Thinkserver Rd350
All versions
Configuration D
2 vulnerable
Vulnerable SoftwareAffected Versions
Thinkserver Rd550 Firmware
Up to 1.25.0
Thinkserver Rd550
All versions
Configuration E
2 vulnerable
Vulnerable SoftwareAffected Versions
Thinkserver Rd450 Firmware
Up to 1.25.0
Thinkserver Rd450
All versions

Related CWEs

CWE-310
CWE-310

References (4)

Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.