Command Injection Vulnerability in Lenovo XClarity Administrator Web API
CVE-2023-34420
7.2HIGH
What is CVE-2023-34420?
A command injection vulnerability exists in the Lenovo XClarity Administrator web API, which can be exploited by an authenticated user with elevated privileges. This vulnerability allows attackers to execute arbitrary commands through specially crafted API calls, potentially compromising the integrity and security of the system. Organizations using Lenovo XClarity Administrator should review their security configurations and apply necessary mitigations to prevent exploitation. For more information, visit the Lenovo support page.
Affected Version(s)
Lenovo XClarity Administrator Versions prior to 4.0