CVE-2017-3764

Published: Nov 30, 2017Modified: May 13, 2026

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

A vulnerability was identified in Lenovo XClarity Administrator (LXCA) before 1.4.0 where LXCA user account names may be exposed to unauthenticated users with access to the LXCA web user interface. No password information of the user accounts is exposed.

Affected (1)

Products: Lenovo: Xclarity Administrator

1 product

Xclarity Administrator

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Lenovo Xclarity Administrator	Before 1.4.0

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://support.lenovo.com/us/en/product_security/LEN-16335

Source: psirt@lenovo.com

PatchVendor Advisory

https://support.lenovo.com/us/en/product_security/LEN-16335

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.