CVE-2017-3765
N/A
N/A
Summary
In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when performing local authentication under specific circumstances. If exploited, admin-level access to the switch is granted.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Lenovo Group Ltd. | Enterprise Network Operating System affecting Lenovo and IBM RackSwitch and BladeCenter Products | Earlier than | affected |
Weaknesses
- Authentication Bypass
ADP Enrichment
CVE Program Container
Additional References
- https://support.lenovo.com/us/en/product_security/LEN-16095
- http://www.securitytracker.com/id/1040296
References
- https://support.lenovo.com/us/en/product_security/LEN-16095
- http://www.securitytracker.com/id/1040296
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.