| |
Vulnerability CVE-2023-4608
Published: 2023-10-25
| Description: |
An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command.
This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected. |
Type:
CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))
References: |
https://support.lenovo.com/us/en/product_security/LEN-140960
|
|
|
closedb();
?>
Copyright 2026, cxsecurity.com
|
|
|