CVE-2017-3765
7.0
Vector
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.0 / Impact: 5.9
Source: NVD
Description
In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when performing local authentication under specific circumstances. If exploited, admin-level access to the switch is granted.
Affected (1)
Products: Lenovo: Enterprise Network Operating System
Configuration A
| Running on/with | Platform Versions |
|---|---|
| Lenovo Flex System Fabric Cn4093 10gb Converged Scalable Switch | All versions |
| Lenovo Flex System Fabric En4093r 10gb Scalable Switch | All versions |
| Lenovo Flex System Fabric Si4093 10gb System Interconnect Module | All versions |
| Lenovo Flex System Si4091 System Interconnect Module | All versions |
| Lenovo RackSwitch G7028 | All versions |
| Lenovo RackSwitch G7052 | All versions |
| Lenovo RackSwitch G8052 | All versions |
| Lenovo RackSwitch G8124e | All versions |
| Lenovo RackSwitch G8264 | All versions |
| Lenovo RackSwitch G8264cs | All versions |
| Lenovo RackSwitch G8272 | All versions |
| Lenovo RackSwitch G8296 | All versions |
| Lenovo RackSwitch G8332 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 8.4.6.0 |
| Running on/with | Platform Versions |
|---|---|
| IBM 1g L2 7 Slb Switch For BladeCenter | All versions |
| IBM BladeCenter 1\ | Version 10g_uplink_ethernet_switch_module |
| IBM BladeCenter Layer 2/3 Copper Ethernet Switch Module | All versions |
| IBM BladeCenter Virtual Fabric 10gb Switch Module | All versions |
| IBM Flex System En2092 1gb Ethernet Scalable Switch | All versions |
| IBM Flex System Fabric Cn4093 10gb Converged Scalable Switch | All versions |
| IBM Flex System Fabric En4093/en4093r 10gb Scalable Switch | All versions |
| IBM Flex System Fabric Si4093 10gb System Interconnect Module | All versions |
| IBM RackSwitch G8052 | All versions |
| IBM RackSwitch G8124 | All versions |
| IBM RackSwitch G8124e | All versions |
| IBM RackSwitch G8264 | All versions |
| IBM RackSwitch G8264cs | All versions |
| IBM RackSwitch G8264t | All versions |
| IBM RackSwitch G8316 | All versions |
| IBM RackSwitch G8332 | All versions |
References (4)
Source: psirt@lenovo.com
Mitigation, Patch, Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mitigation, Patch, Vendor Advisory