CVE-2019-6195

An authorization bypass exists in Lenovo XClarity Controller (XCC) versions prior to 3.08 CDI340V, 3.01 TEI392O, 1.71 PSI328N where a valid authenticated user with lesser privileges may be granted read-only access to higher-privileged information if 1) “LDAP Authentication Only with Local Authorization” mode is configured and used by XCC, and 2) a lesser privileged user logs into XCC within 1 minute of a higher privileged user logging out. The authorization bypass does not exist when “Local Authentication and Authorization” or “LDAP Authentication and Authorization” modes are configured and used by XCC.

CVSS v3 4.8 MEDIUM
CVSS v2.0 2.1 LOW

4.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:H/Au:S/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://support.lenovo.com/us/en/product_security/LEN-29116	Vendor Advisory
https://support.lenovo.com/us/en/product_security/LEN-29116	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:lenovo:xclarity_controller:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lenovo:thinkagile_hx_1000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx_2000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx_3000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx_5000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx_7000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_1000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_2000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_3000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_5000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_7000:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sd530:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sd650_dwc:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sn550:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sn850:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr150:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr158:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr250:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr258:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr850:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr860:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_st250:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_st258:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:a:lenovo:xclarity_controller:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:lenovo:thinkagile_hx_1000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx_2000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx_3000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx_5000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx_7000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_mx_sr650:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_1000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_2000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_3000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_5000:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_7000:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr530:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr550:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr570:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr590:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr630:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr650:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_st550:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_st558:-:::::::*

Configuration 3 (hide)

AND

cpe:2.3:a:lenovo:xclarity_controller:*:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:thinksystem_sr950_server:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:46

Type	Values Removed	Values Added
References	~~() https://support.lenovo.com/us/en/product_security/LEN-29116 - Vendor Advisory~~	() https://support.lenovo.com/us/en/product_security/LEN-29116 - Vendor Advisory

Information

Published : 2020-02-14 17:15

Updated : 2024-11-21 04:46

NVD link : CVE-2019-6195

Mitre link : CVE-2019-6195

CVE.ORG link : CVE-2019-6195

JSON object : View

Products Affected

lenovo

thinkagile_vx_2000
xclarity_controller
thinkagile_hx_2000
thinksystem_sd650_dwc
thinksystem_sr258
thinksystem_sr650
thinkagile_vx_5000
thinksystem_sr150
thinksystem_sr530
thinkagile_mx_sr650
thinkagile_hx_1000
thinksystem_sr158
thinksystem_sr850
thinkagile_hx_7000
thinksystem_sr860
thinksystem_sr250
thinksystem_sr590
thinkagile_hx_3000
thinksystem_st558
thinksystem_sr630
thinkagile_vx_1000
thinkagile_vx_3000
thinksystem_st258
thinksystem_sr550
thinksystem_sr950_server
thinksystem_sn550
thinkagile_hx_5000
thinksystem_st250
thinksystem_sn850
thinksystem_sr570
thinksystem_st550
thinkagile_vx_7000
thinksystem_sd530

CWE

CWE-264

Permissions, Privileges, and Access Controls

CWE-269

Improper Privilege Management

{"id": "CVE-2019-6195", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Secondary", "source": "psirt@lenovo.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2020-02-14T17:15:13.223", "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-29116", "tags": ["Vendor Advisory"], "source": "psirt@lenovo.com"}, {"url": "https://support.lenovo.com/us/en/product_security/LEN-29116", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@lenovo.com", "description": [{"lang": "en", "value": "CWE-264"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "An authorization bypass exists in Lenovo XClarity Controller (XCC) versions prior to 3.08 CDI340V, 3.01 TEI392O, 1.71 PSI328N where a valid authenticated user with lesser privileges may be granted read-only access to higher-privileged information if 1) \u201cLDAP Authentication Only with Local Authorization\u201d mode is configured and used by XCC, and 2) a lesser privileged user logs into XCC within 1 minute of a higher privileged user logging out. The authorization bypass does not exist when \u201cLocal Authentication and Authorization\u201d or \u201cLDAP Authentication and Authorization\u201d modes are configured and used by XCC."}, {"lang": "es", "value": "Se presenta una omisi\u00f3n de autorizaci\u00f3n en Lenovo XClarity Controller (XCC) versiones anteriores a 3.08 CDI340V, versi\u00f3n 3.01 TEI392O, versi\u00f3n 1.71 PSI328N, donde un usuario autenticado v\u00e1lido con privilegios menores puede tener acceso de solo de lectura a informaci\u00f3n con privilegios superiores si 1) \"LDAP Authentication Only with Local Authorization\u201d es configurado y utilizado por XCC, y 2) un usuario con menos privilegios inicia sesi\u00f3n en XCC dentro de 1 minuto despu\u00e9s de que un usuario con mayor privilegio cierre sesi\u00f3n. La omisi\u00f3n de autorizaci\u00f3n no se presenta cuando los modos \u201cLocal Authentication and Authorization\u201d o \u201cLDAP Authentication and Authorization\u201d son configurados y utilizados por XCC."}], "lastModified": "2024-11-21T04:46:09.123", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:xclarity_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1008B2EE-5CA0-44D3-A5E4-BD558AA954DE", "versionEndExcluding": "3.01_tei392o"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "861FD9CF-A71F-4B9F-AD63-89BEFF9FB170"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_2000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "46A03175-61F0-4077-B6E6-54967E012FE3"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_3000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "61548AD5-85A8-45E2-8E42-3879190C32E6"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BAEAD534-FE95-4E16-91F1-9ABDB96E3B5E"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E7A98501-D0CA-410E-86D3-A5E1420D1D3A"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7AABC0D8-FCA9-46D0-A147-DF6D65154465"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_2000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2DBC750-1F52-4418-BA06-95A3C33B2757"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_3000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F86AB334-137C-4DC6-AFCD-6CBFBEA862DA"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0553591B-FAFC-4601-92C0-5212D86FB60B"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26D5D977-101A-4D02-AAFC-05D1E8C81D6B"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sd530:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2588DA2E-6E58-4FA2-9AA6-FC669C042197"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sd650_dwc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D32821FA-D82A-450D-BA5B-E020CD1BEDA8"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sn550:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5DB64709-93BA-43D8-A1DB-4CE405291430"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sn850:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1DB0C393-2CB4-485F-93E2-2F28B19F9325"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C6334030-07E4-45F4-A233-4A37F77FC573"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr158:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D94182EE-10FE-4506-BDE0-06F4140923FC"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C5B52AC1-714E-4217-8599-80D99E0D33B3"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr258:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DB19D273-4975-4957-AE94-117B607CD746"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr850:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19771143-D5F1-4F2F-AB83-09913894681E"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr860:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EAF08144-ECCB-477B-A934-E4578522BFEE"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_st250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DBF2350D-34B1-44DB-8E4A-6F29B37D96CF"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_st258:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "089F97B1-FEDE-4A5D-91D3-0517E8D39174"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:xclarity_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72CC8224-6832-4C72-8414-58AA7228002E", "versionEndExcluding": "3.08_cdi340v"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "861FD9CF-A71F-4B9F-AD63-89BEFF9FB170"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_2000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "46A03175-61F0-4077-B6E6-54967E012FE3"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_3000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "61548AD5-85A8-45E2-8E42-3879190C32E6"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BAEAD534-FE95-4E16-91F1-9ABDB96E3B5E"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E7A98501-D0CA-410E-86D3-A5E1420D1D3A"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_mx_sr650:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C08EE1EA-C77F-4077-9B46-5ABEAC022979"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7AABC0D8-FCA9-46D0-A147-DF6D65154465"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_2000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2DBC750-1F52-4418-BA06-95A3C33B2757"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_3000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F86AB334-137C-4DC6-AFCD-6CBFBEA862DA"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0553591B-FAFC-4601-92C0-5212D86FB60B"}, {"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26D5D977-101A-4D02-AAFC-05D1E8C81D6B"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr530:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4C6628A-8A99-4841-A7C5-0445A03C638D"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr550:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D10850BF-A7EA-4B84-B2EF-66DCCC301514"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr570:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8A7C5BE3-5429-46B0-B0B5-C86A9B6376A7"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr590:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A3DC615C-A88A-4C45-892F-77C5E84104E8"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr630:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D7F10C8D-C9C7-4FAD-980D-7A602C8BE81D"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_sr650:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C6C2B5BB-6E1F-4E01-AAE8-A8239AB8945E"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_st550:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A5B19107-5B45-4E45-8B34-90B5A1FF3962"}, {"criteria": "cpe:2.3:h:lenovo:thinksystem_st558:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "30CFA6D5-7D07-4BFF-8AD2-DE591EDE0186"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:xclarity_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5068D399-065C-4E84-A546-B19EE2E4DBD3", "versionEndExcluding": "1.71_psi328n"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinksystem_sr950_server:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0DF54D69-A781-45F8-852F-3A9D575ADB75"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@lenovo.com"}

4.8 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1 /10

Access Vector NETWORK

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2019-6195

4.8^/10

2.1^/10

Attach tags to `CVE-2019-6195`