In System Management Module (SMM) versions prior to 1.06, the FFDC feature includes the collection of SMM system files containing sensitive information; notably, the SMM user account credentials and the system shadow file.
References
Link | Resource |
---|---|
https://support.lenovo.com/us/en/solutions/LEN-24374 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2018-11-27 06:29
Updated : 2019-10-02 17:03
NVD link : CVE-2018-16092
Mitre link : CVE-2018-16092
JSON object : View
CWE
Products Affected
lenovo
- thinksystem_d2_enclosure_7x20
- thinksystem_modular_enclosure_7x22
- thinkagile_hx_enclosure_7y87
- thinkagile_hx_enclosure_7x81
- thinkagile_vx_enclosure_7y91
- thinkagile_hx_enclosure_7z02
- thinkagile_vx_enclosure_7y11
- system_management_module_firmware