CVE-2018-9071

Summary

Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows unauthenticated users to retrieve information related to the current authentication configuration settings. Exposed settings relate to password lengths, expiration, and lockout configuration.

Affected Software

VendorProductVersion RangeStatus
LenovoChassis Management Module (CMM)unspecified < 2.0.0affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References