Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-8536 | 1 Lenovo | 1 Solution Center | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to version 3.3.002 that could allow cross-site request forgery. | |||||
CVE-2015-8535 | 1 Lenovo | 1 Solution Center | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A directory traversal vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to version 3.3.002 that could allow a user to execute arbitrary code with elevated privileges. | |||||
CVE-2015-8534 | 1 Lenovo | 1 Solution Center | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to version 3.3.002 that could allow a user to execute arbitrary code with elevated privileges. | |||||
CVE-2019-6177 | 1 Lenovo | 1 Solution Center | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that customers migrate to Lenovo Vantage or Lenovo Diagnostics in April 2018. | |||||
CVE-2016-1876 | 1 Lenovo | 1 Solution Center | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors. | |||||
CVE-2016-5249 | 1 Lenovo | 1 Solution Center | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
Lenovo Solution Center (LSC) before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly. | |||||
CVE-2016-5248 | 1 Lenovo | 1 Solution Center | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
The StopProxy command in LSC.Services.SystemService in Lenovo Solution Center before 3.3.003 allows local users to terminate arbitrary processes via the PID argument. |