CVE-2022-34888
2.7
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Summary
The Remote Mount feature can potentially be abused by valid, authenticated users to make connections to internal services that may not normally be accessible to users. Internal service access controls, as applicable, remain in effect.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Lenovo | Lenovo XClarity Controller | various | affected |
Weaknesses
- CWE-184: CWE-184: Incomplete List of Disallowed Inputs
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.