Back to search
CVE-2019-6161
Published: Sep 26, 2019
Modified: Sep 17, 2024
PUBLISHED
Description
An internal product security audit discovered a session handling vulnerability in the web interface of ThinkAgile CP-SB (Storage Block) BMC in firmware versions prior to 1908.M. This vulnerability allows session IDs to be reused, which could provide unauthorized access to the BMC under certain circumstances. This vulnerability does not affect ThinkSystem XCC, System x IMM2, or other BMCs.
| Vendor | Product | Versions |
|---|---|---|
Lenovo | ThinkAgile CP-SB | affected unspecified - < 1908.M |
References
https://support.lenovo.com/solutions/LEN-26957
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now