CVE-2018-9066

Name of the Vulnerable Software and Affected Versions Lenovo xClarity Administrator versions prior to 2.1.0

Description The issue allows an authenticated LXCA user to inject additional parameters into a specific web API call, resulting in privileged command execution within LXCA's underlying operating system.

Recommendations For versions prior to 2.1.0, update to version 2.1.0 or later to resolve the issue.