CVE-2015-3322

Name of the Vulnerable Software and Affected Versions Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers versions prior to 1.26.0

Description The issue concerns the use of weak encryption to store user and administrator BIOS passwords. This weakness allows attackers to decrypt the passwords, potentially leading to unauthorized access. The exact vectors used for the decryption are not specified.

Recommendations For versions prior to 1.26.0, update to version 1.26.0 or later to resolve the issue with weak encryption of BIOS passwords.