Input Validation Flaw in Lenovo's Solution for Enhanced Management
CVE-2023-34422
6.5MEDIUM
What is CVE-2023-34422?
A valid user of Lenovo's XClarity Administrator (LXCA) with elevated privileges may exploit insufficient input validation to delete folders in the LXCA filesystem. This is achieved through a specifically crafted web API call, creating potential risks for data integrity and system stability.
Affected Version(s)
Lenovo XClarity Administrator Versions prior to 4.0