CVE-2016-8221

Published: Jan 12, 2017Modified: May 6, 2026

7.0

Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.0 / Impact: 5.9

Source: NVD

Description

Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.

Affected (1)

Products: Lenovo: Xclarity Administrator

1 product

Xclarity Administrator

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Lenovo Xclarity Administrator	Up to 1.1.1

Related CWEs

References (4)

http://www.securityfocus.com/bid/95417

Source: psirt@lenovo.com

Third Party AdvisoryVDB Entry

https://support.lenovo.com/us/en/product_security/LEN_10605

Source: psirt@lenovo.com

PatchVendor Advisory

http://www.securityfocus.com/bid/95417

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://support.lenovo.com/us/en/product_security/LEN_10605

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.