CVE-2021-3473

An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator (LXCA) is used to perform the backup/restore. The backup/restore password typically exists in this internal log buffer for less than 10 minutes before being overwritten. Generating an FFDC service log will include the log buffer contents, including the backup/restore password if present. The FFDC service log is only generated when requested by a privileged XCC user and it is only accessible to the privileged XCC user that requested the file. The backup/restore password is not captured if the backup/restore is initiated directly from XCC.

CVSS v3.0 4.9 MEDIUM
CVSS v2.0 4.0 MEDIUM

4.9^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://support.lenovo.com/us/en/product_security/LEN-52117	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:lenovo:xclarity_controller:6.00_cdi370q:*:*:*:*:*:*:*

OR	cpe:2.3:h:lenovo:thinkagile_hx1320:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx2320:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3320:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3375:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3520-g:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3720:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx5520:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx7520:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx7820:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_mx_certified_nodes:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_1u:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr630:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr530:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr570:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr590:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr650:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_st550:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_st558:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_2u:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_dense:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:a:lenovo:xclarity_controller:1.10_tgbt12q:*:*:*:*:*:*:*

OR	cpe:2.3:h:lenovo:thinkagile_hx1320:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx2320:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3320:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3375:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3520-g:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3720:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx5520:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx7520:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx7820:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_mx1020:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_mx_certified_nodes:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_se350:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_1u:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_2u:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_dense:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr850p:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr670:-:::::::*

Configuration 3 (hide)

AND

cpe:2.3:a:lenovo:xclarity_controller:2.14_psi338i:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:thinksystem_sr950:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:a:lenovo:xclarity_controller:4.40_tei3b2p:*:*:*:*:*:*:*

OR	cpe:2.3:h:lenovo:thinkagile_hx1320:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx2320:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3320:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3375:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3520-g:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx3720:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx5520:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx7520:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_hx7820:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_1u:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_2u:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sd530:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sd650:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sn550:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sn850:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr150:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr158:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr250:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr258:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr850:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_sr860:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_st250:-:::::::*
	cpe:2.3:h:lenovo:thinksystem_st258:-:::::::*
	cpe:2.3:h:lenovo:thinkagile_vx_dense:-:::::::*

Information

Published : 2021-04-13 14:15

Updated : 2021-04-23 12:14

NVD link : CVE-2021-3473

Mitre link : CVE-2021-3473

JSON object : View

CWE

CWE-312

Cleartext Storage of Sensitive Information

Products Affected

lenovo

thinksystem_st558
thinksystem_sr530
thinksystem_sn550
thinksystem_sr158
thinkagile_hx2320
thinkagile_hx3320
thinkagile_hx3375
thinksystem_se350
thinksystem_st550
thinksystem_sd530
thinksystem_sr630
thinkagile_mx1020
thinksystem_sd650
thinksystem_sr670
thinkagile_hx7820
thinkagile_hx7520
thinkagile_vx_dense
thinksystem_sr258
thinksystem_sr590
thinksystem_sn850
thinkagile_hx5520
thinkagile_vx_1u
thinksystem_sr250
thinkagile_mx_certified_nodes
thinksystem_sr950
thinksystem_sr650
thinkagile_vx_2u
thinksystem_sr150
xclarity_controller
thinksystem_sr570
thinksystem_sr860
thinksystem_st250
thinksystem_sr850p
thinkagile_hx3520-g
thinkagile_hx1320
thinksystem_st258
thinksystem_sr850
thinkagile_hx3720

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-52117", "name": "https://support.lenovo.com/us/en/product_security/LEN-52117", "tags": ["Vendor Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator (LXCA) is used to perform the backup/restore. The backup/restore password typically exists in this internal log buffer for less than 10 minutes before being overwritten. Generating an FFDC service log will include the log buffer contents, including the backup/restore password if present. The FFDC service log is only generated when requested by a privileged XCC user and it is only accessible to the privileged XCC user that requested the file. The backup/restore password is not captured if the backup/restore is initiated directly from XCC."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-312"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-3473", "ASSIGNER": "psirt@lenovo.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}}, "publishedDate": "2021-04-13T21:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:lenovo:xclarity_controller:6.00_cdi370q:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx1320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx2320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3375:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3520-g:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3720:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx5520:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx7520:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx7820:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_mx_certified_nodes:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_vx_1u:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr630:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr530:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr570:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr590:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr650:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_st550:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_st558:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_vx_2u:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_vx_dense:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:lenovo:xclarity_controller:1.10_tgbt12q:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx1320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx2320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3375:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3520-g:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3720:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx5520:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx7520:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx7820:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_mx1020:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_mx_certified_nodes:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_se350:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_vx_1u:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_vx_2u:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_vx_dense:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr850p:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr670:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:lenovo:xclarity_controller:2.14_psi338i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr950:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:lenovo:xclarity_controller:4.40_tei3b2p:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx1320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx2320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3375:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3520-g:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx3720:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx5520:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx7520:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_hx7820:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_vx_1u:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_vx_2u:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sd530:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sd650:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sn550:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sn850:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr150:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr158:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr250:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr258:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr850:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_sr860:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_st250:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinksystem_st258:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:lenovo:thinkagile_vx_dense:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-04-23T19:14Z"}

4.9 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2021-3473

4.9^/10

4.0^/10

Attach tags to `CVE-2021-3473`