Authentication Bypass Vulnerability in IPMI Could Lead to Limited System Information Exposure
CVE-2023-4857
7.5HIGH
What is CVE-2023-4857?
An authentication bypass vulnerability exists in Lenovo's SMM/SMM2 and FPC products, potentially allowing authenticated users to execute specific Intelligent Platform Management Interface (IPMI) calls. This could result in the exposure of limited and sensitive system information, posing significant security risks for affected environments. It is essential for users and administrators to be aware of this vulnerability to implement appropriate security measures and mitigate potential threats.
Affected Version(s)
SMM, SMM2, FPC various