Description

An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection through specially crafted command line input in the XCC SSH captive shell.

INFO

Published Date :

2024-09-13T17:27:48.442Z

Last Modified :

2024-09-13T20:53:47.959Z

Source :

lenovo
AFFECTED PRODUCTS

The following products are affected by CVE-2024-8281 vulnerability.

Vendors Products
Lenovo
  • Thinkagile Hx1021 Edge Certified Node 3yr Firmware
  • Thinkagile Hx1320 Firmware
  • Thinkagile Hx1321 Firmware
  • Thinkagile Hx1331 Firmware
  • Thinkagile Hx1520-r Firmware
  • Thinkagile Hx1521-r Firmware
  • Thinkagile Hx2320-e Firmware
  • Thinkagile Hx2321 Firmware
  • Thinkagile Hx2330 Firmware
  • Thinkagile Hx2331 Firmware
  • Thinkagile Hx2720-e Firmware
  • Thinkagile Hx3320 Firmware
  • Thinkagile Hx3321 Firmware
  • Thinkagile Hx3330 Firmware
  • Thinkagile Hx3331 Firmware
  • Thinkagile Hx3331 Node Sap Hana
  • Thinkagile Hx3375 Firmware
  • Thinkagile Hx3376 Firmware
  • Thinkagile Hx3520-g Firmware
  • Thinkagile Hx3521-g Firmware
  • Thinkagile Hx3720 Firmware
  • Thinkagile Hx3721 Firmware
  • Thinkagile Hx5520-c Firmware
  • Thinkagile Hx5520 Firmware
  • Thinkagile Hx5521-c Firmware
  • Thinkagile Hx5521 Firmware
  • Thinkagile Hx5530 Firmware
  • Thinkagile Hx5531 Firmware
  • Thinkagile Hx7520 Firmware
  • Thinkagile Hx7521 Firmware
  • Thinkagile Hx7530 Appl For Sap Hana
  • Thinkagile Hx7530 Firmware
  • Thinkagile Hx7531 Firmware
  • Thinkagile Hx7531 Node Sap Hana
  • Thinkagile Hx7820 Firmware
  • Thinkagile Hx7821 Firmware
  • Thinkagile Hx Enclosure Certified Node Firmware
  • Thinkagile Mx1021 On Se350 Firmware
  • Thinkagile Mx3330-f All-flash Firmware
  • Thinkagile Mx3330-h Hybrid Firmware
  • Thinkagile Mx3331-f All-flash Firmware
  • Thinkagile Mx3331-h Hybrid Firmware
  • Thinkagile Mx3530-h Hybrid Firmware
  • Thinkagile Mx3530 F All Flash Firmware
  • Thinkagile Mx3531-f All-flash Firmware
  • Thinkagile Mx3531 H Hybrid Firmware
  • Thinkagile Mx Edge- Mx1020 Firmware
  • Thinkagile Vx1320 Firmware
  • Thinkagile Vx2320 Firmware
  • Thinkagile Vx2330 Firmware
  • Thinkagile Vx3320 Firmware
  • Thinkagile Vx3330 Firmware
  • Thinkagile Vx3331 Firmware
  • Thinkagile Vx3520-g Firmware
  • Thinkagile Vx3530-g Firmware
  • Thinkagile Vx3720 Firmware
  • Thinkagile Vx5520 Firmware
  • Thinkagile Vx5530 Firmware
  • Thinkagile Vx635 V3 Firmware
  • Thinkagile Vx645 V3 Certified Node Firmware
  • Thinkagile Vx645 V3 Firmware
  • Thinkagile Vx655 V3 Certified Node Firmware
  • Thinkagile Vx655 V3 Firmware
  • Thinkagile Vx665 V3 Certified Node Firmware
  • Thinkagile Vx665 V3 Firmware
  • Thinkagile Vx7320 N Firmware
  • Thinkagile Vx7330 Firmware
  • Thinkagile Vx7520 Firmware
  • Thinkagile Vx7520 N Firmware
  • Thinkagile Vx7530 Firmware
  • Thinkagile Vx7531 Firmware
  • Thinkagile Vx7820 Firmware
  • Thinkagile Vx 1se Certified Node Firmware
  • Thinkagile Vx 2u4n Firmware
  • Thinkagile Vx 4u Firmware
  • Thinkedge Se350 V2 Firmware
  • Thinkedge Se360 V2 Firmware
  • Thinkedge Se450 Firmware
  • Thinkedge Se455 V3 Firmware
  • Thinkstation P920 Workstation Firmware
  • Thinksystem Sd530 Firmware
  • Thinksystem Sd530 V3 Firmware
  • Thinksystem Sd550 V3 Firmware
  • Thinksystem Sd630 V2 Firmware
  • Thinksystem Sd650-n V2 Firmware
  • Thinksystem Sd650 Dwc Dual Node Tray Firmware
  • Thinksystem Sd650 V2 Firmware
  • Thinksystem Sd650 V3 Firmware
  • Thinksystem Se350 Firmware
  • Thinksystem Sn550 Firmware
  • Thinksystem Sn550 V2 Firmware
  • Thinksystem Sn850 Firmware
  • Thinksystem Sr150 Firmware
  • Thinksystem Sr158 Firmware
  • Thinksystem Sr250 Firmware
  • Thinksystem Sr250 V2 Firmware
  • Thinksystem Sr250 V3 Firmware
  • Thinksystem Sr258 Firmware
  • Thinksystem Sr258 V2 Firmware
  • Thinksystem Sr258 V3 Firmware
  • Thinksystem Sr530 Firmware
  • Thinksystem Sr550 Firmware
  • Thinksystem Sr570 Firmware
  • Thinksystem Sr590 Firmware
  • Thinksystem Sr630 Firmware
  • Thinksystem Sr630 V2 Firmware
  • Thinksystem Sr630 V3 Firmware
  • Thinksystem Sr635 V3 Firmware
  • Thinksystem Sr645 Firmware
  • Thinksystem Sr645 V3 Firmware
  • Thinksystem Sr650 Firmware
  • Thinksystem Sr650 V2 Firmware
  • Thinksystem Sr650 V3 Firmware
  • Thinksystem Sr655 V3 Firmware
  • Thinksystem Sr665 Firmware
  • Thinksystem Sr665 V3 Firmware
  • Thinksystem Sr670 Firmware
  • Thinksystem Sr670 V2 Firmware
  • Thinksystem Sr675 V3 Firmware
  • Thinksystem Sr850 Firmware
  • Thinksystem Sr850 V2 Firmware
  • Thinksystem Sr850 V3 Firmware
  • Thinksystem Sr850p Firmware
  • Thinksystem Sr860 Firmware
  • Thinksystem Sr860 V2 Firmware
  • Thinksystem Sr860 V3 Firmware
  • Thinksystem Sr950 Firmware
  • Thinksystem Sr950 V3 Firmware
  • Thinksystem St250 Firmware
  • Thinksystem St250 V2 Firmware
  • Thinksystem St250 V3 Firmware
  • Thinksystem St258 Firmware
  • Thinksystem St258 V2 Firmware
  • Thinksystem St258 V3 Firmware
  • Thinksystem St550 Firmware
  • Thinksystem St650 V2 Firmware
  • Thinksystem St650 V3 Firmware
  • Thinksystem St658 V2 Firmware
  • Thinksystem St658 V3 Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-8281.

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact