CVE-2023-34420: A valid, authenticated LXCA user with elevated privileges may be able to execute command injections through crafted calls to a specific web API.

7.2 CVSS

Description

A valid, authenticated LXCA user with elevated privileges may be able to execute command injections through crafted calls to a specific web API.

CVSS Base Severity: HIGH

CVSS Base Score: 7.2

Vendor: Lenovo

Product: Lenovo XClarity Administrator

EPSS Score: 0.12% (probability of being exploited)

EPSS Percentile: 46.52% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

2024-12-05 00:32:04 UTC
CVE

A valid, authenticated LXCA user with elevated privileges may be able to execute command injections through crafted calls to a specific web API.