PT-2019-18006 · Lenovo · Lenovo Solution Center+2
Published
2019-08-21
·
Updated
2022-10-14
·
CVE-2019-6177
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Lenovo Solution Center version 03.12.003
Description
A reported issue could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center in April 2018 and recommended migration to Lenovo Vantage or Lenovo Diagnostics.
Recommendations
For Lenovo Solution Center version 03.12.003, migrate to Lenovo Vantage or Lenovo Diagnostics as recommended by Lenovo, since the affected version is no longer supported.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Lenovo Diagnostics
Lenovo Solution Center
Lenovo Vantage