Xclarity Administrator
Approved changes feed: RSS · Atom
cpe:2.3:a:lenovo_group_ltd.:xclarity_administrator:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Lenovo Group Ltd. (f9245967-9607-50cc-9335-86283a892944) |
|---|---|
| Product | Xclarity Administrator (c73216a7-b6e5-54df-85d0-8622750163df) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-3764 |
vulnerable | 2026-06-03 14:37:16.131298 |
Details available
A vulnerability was identified in Lenovo XClarity Administrator (LXCA) before 1.4.0 where LXCA user account names may be exposed to unauthenticated users with access to the LXCA web user interface. No password information of the user accounts is exposed.
Published: 2017-11-30T19:00:00.000Z
Updated: 2024-09-17T02:46:43.637Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-3745 |
vulnerable | 2026-06-03 14:37:15.852715 |
Details available
In Lenovo XClarity Administrator (LXCA) before 1.3.0, if service data is downloaded from LXCA, a non-administrative user may have access to password information for users that have previously authenticated to the LXCA's internal LDAP server, including administrative accounts and service accounts with administrative privileges. This is an issue only for users who have used local authentication with LXCA and not remote authentication against external LDAP or ADFS servers.
Published: 2017-06-20T00:00:00.000Z
Updated: 2024-08-05T14:39:41.321Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-8233 |
vulnerable | 2026-06-03 14:36:09.140674 |
Details available
Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may contain user credentials in a non-secure, clear text form that could be viewed by a non-privileged user.
Published: 2017-03-01T22:00:00.000Z
Updated: 2024-08-06T02:13:21.839Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.