Remote Information Disclosure Vulnerability in IBM and Lenovo Networking Products
CVE-2015-7819

Currently unrated

Key Information:

Vendor: Lenovo
Status: Switch Center
Vendor: CVE Published:; 12 November 2015

Summary

The DB service in the IBM System Networking Switch Center and Lenovo Switch Center is vulnerable to remote information disclosure. Unauthenticated attackers can exploit this vulnerability by sending requests to port 40999, potentially revealing sensitive administrator account details, including improperly encrypted passwords. This exposure could lead to unauthorized access to critical networking infrastructure, posing significant security risks for organizations using these products.

References

http://www.zerodayinitiative.com/advisories/ZDI-15-552/

x_refsource_MISC

https://support.lenovo.com/us/en/product_security/len_201...

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 12, 2015
Vulnerability Reserved
Oct 14, 2015