CVE-2018-9084

In System Management Module (SMM) versions prior to 1.06, if an attacker manages to log in to the device OS, the validation of software updates can be circumvented.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:lenovo:system_management_module_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:lenovo:thinkagile_vx_enclosure_7y91:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7z02:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7y87:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkagile_hx_enclosure_7x81:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinksystem_modular_enclosure_7x22:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinksystem_d2_enclosure_7x20:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkagile_vx_enclosure_7y11:-:*:*:*:*:*:*:*

Information

Published : 2018-11-27 06:29

Updated : 2019-10-02 17:03


NVD link : CVE-2018-9084

Mitre link : CVE-2018-9084


JSON object : View

Advertisement

dedicated server usa

Products Affected

lenovo

  • thinksystem_d2_enclosure_7x20
  • thinksystem_modular_enclosure_7x22
  • thinkagile_hx_enclosure_7y87
  • thinkagile_hx_enclosure_7x81
  • system_management_module_firmware
  • thinkagile_vx_enclosure_7y91
  • thinkagile_vx_enclosure_7y11
  • thinkagile_hx_enclosure_7z02