CVE-2017-3764 Vulnerability Details

  /     /     /  

CVE-2017-3764 Metadata Quick Info

CVE Published: 30/11/2017 | CVE Updated: 17/09/2024 | CVE Year: 2017
Source: lenovo | Vendor: Lenovo Group Ltd. | Product: xClarity Administrator
Status : PUBLISHED

---

CVE-2017-3764 Description

A vulnerability was identified in Lenovo XClarity Administrator (LXCA) before 1.4.0 where LXCA user account names may be exposed to unauthenticated users with access to the LXCA web user interface. No password information of the user accounts is exposed.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Unauthenticated User Enumeration
Source: Lenovo Group Ltd.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).