Denial of Service Vulnerability in Lenovo XCC Web Interface
CVE-2023-25492
6.3MEDIUM
What is CVE-2023-25492?
A format string injection vulnerability exists in the Lenovo XCC web user interface, allowing a valid authenticated user to potentially trigger a denial of service condition or cause other undefined behaviors through improper handling of API inputs. This flaw underscores the importance of secure coding practices to prevent misuse and ensure integrity in web applications.
Affected Version(s)
XClarity Controller See product security advisory below