CVE-2017-3748 - Vulnerability Details

Vendors	Products
Google	Android
Lenovo	Vibe A1600 Vibe A2560 Vibe A2800 Vibe A2860 Vibe A2880 Vibe A3000 Vibe A3500 Vibe A3600-d Vibe A3600u Vibe A3800-d Vibe A3900 Vibe A6000 Vibe A6000-i Vibe A6020i37 Vibe A6600 Vibe A6800 Vibe K30-e Vibe K30-w-cu Vibe K32c30 Vibe K80m

Link	Providers
http://www.securityfocus.com/bid/99295
https://support.lenovo.com/us/en/product_security/LEN-15823

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Lenovo Vibe and Lenovo China-only Moto Mobile Phones", "vendor": "Lenovo Group Ltd.", "versions": [{"status": "affected", "version": "Earlier than 6.0"}]}], "datePublic": "2017-06-22T00:00:00", "descriptions": [{"lang": "en", "value": "On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or \"jail breaking\" a device)."}], "problemTypes": [{"descriptions": [{"description": "Privilege escalation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-06-30T09:57:01", "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo"}, "references": [{"name": "99295", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/99295"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.lenovo.com/us/en/product_security/LEN-15823"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@lenovo.com", "DATE_PUBLIC": "2017-06-22T00:00:00", "ID": "CVE-2017-3748", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Lenovo Vibe and Lenovo China-only Moto Mobile Phones", "version": {"version_data": [{"version_value": "Earlier than 6.0"}]}}]}, "vendor_name": "Lenovo Group Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or \"jail breaking\" a device)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Privilege escalation"}]}]}, "references": {"reference_data": [{"name": "99295", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99295"}, {"name": "https://support.lenovo.com/us/en/product_security/LEN-15823", "refsource": "CONFIRM", "url": "https://support.lenovo.com/us/en/product_security/LEN-15823"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T14:39:39.676Z"}, "title": "CVE Program Container", "references": [{"name": "99295", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/99295"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.lenovo.com/us/en/product_security/LEN-15823"}]}]}, "cveMetadata": {"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "assignerShortName": "lenovo", "cveId": "CVE-2017-3748", "datePublished": "2017-06-29T15:00:00Z", "dateReserved": "2016-12-16T00:00:00", "dateUpdated": "2024-09-16T18:55:20.530Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Lenovo Vibe and Lenovo China-only Moto Mobile Phones (string)

vendor : Lenovo Group Ltd. (string)

versions : [ »

0 : { »

status : affected (string)

version : Earlier than 6.0 (string)

}

]

}

]

datePublic : 2017-06-22T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device). (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Privilege escalation (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-06-30T09:57:01 (string)

orgId : da227ddf-6e25-4b41-b023-0f976dcaca4b (string)

shortName : lenovo (string)

}

references : [ »

0 : { »

name : 99295 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/99295 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://support.lenovo.com/us/en/product_security/LEN-15823 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@lenovo.com (string)

DATE_PUBLIC : 2017-06-22T00:00:00 (string)

ID : CVE-2017-3748 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Lenovo Vibe and Lenovo China-only Moto Mobile Phones (string)

version : { »

version_data : [ »

0 : { »

version_value : Earlier than 6.0 (string)

}

]

}

]

}

vendor_name : Lenovo Group Ltd. (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device). (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Privilege escalation (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 99295 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/99295 (string)

}

1 : { »

name : https://support.lenovo.com/us/en/product_security/LEN-15823 (string)

refsource : CONFIRM (string)

url : https://support.lenovo.com/us/en/product_security/LEN-15823 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T14:39:39.676Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 99295 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/99295 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://support.lenovo.com/us/en/product_security/LEN-15823 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : da227ddf-6e25-4b41-b023-0f976dcaca4b (string)

assignerShortName : lenovo (string)

cveId : CVE-2017-3748 (string)

datePublished : 2017-06-29T15:00:00Z (string)

dateReserved : 2016-12-16T00:00:00 (string)

dateUpdated : 2024-09-16T18:55:20.530Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "B349128A-CD08-4B2B-975B-650831183DBE", "versionEndIncluding": "5.1.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:vibe_a1600:-:*:*:*:*:*:*:*", "matchCriteriaId": "FF657581-9D69-4310-AE50-BE48CA5D4CB9", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a2560:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CFB6B14-B5BB-48AB-92CB-CF7487512DC5", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a2800:-:*:*:*:*:*:*:*", "matchCriteriaId": "325AC02E-E178-40D9-90D0-4E79843290B9", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a2860:-:*:*:*:*:*:*:*", "matchCriteriaId": "339FC9D6-19B2-4B91-B899-00E5E277B303", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a2880:-:*:*:*:*:*:*:*", "matchCriteriaId": "06D59E67-2F49-4B3F-9437-94C7140BCF31", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "CBBAF531-27D5-44D6-9EEC-BA86172290E8", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a3500:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D7D1D8F-70CB-4B2F-BC7D-1B10E7EB2077", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a3600-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F2F72DE-F368-4A03-BFA4-56B9FA4938AF", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a3600u:-:*:*:*:*:*:*:*", "matchCriteriaId": "6401481C-49A1-4886-80B8-E14569D77DA4", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a3800-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "31FDA3C7-BC99-45A5-AE81-46DA8FA579C7", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a3900:-:*:*:*:*:*:*:*", "matchCriteriaId": "65E0F862-F45A-46CA-941A-99ED0FFF4272", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "32979F5A-1DD6-42A9-9E10-E34CFFC96626", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a6000-i:-:*:*:*:*:*:*:*", "matchCriteriaId": "898242F7-7C48-4439-8520-A0680EFD9FCD", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a6020i37:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC57159C-1E88-43AB-A56E-66CA3AD171EE", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a6600:-:*:*:*:*:*:*:*", "matchCriteriaId": "83D6A8C1-E7E2-449F-8F6C-02993935E3CB", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_a6800:-:*:*:*:*:*:*:*", "matchCriteriaId": "ADEF9C5D-A634-4E0D-AD7A-7F84BD7EF0CC", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_k30-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "72AFFC5D-B159-4A7A-A482-455260883DC2", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_k30-w-cu:-:*:*:*:*:*:*:*", "matchCriteriaId": "B75A5EB3-6E3D-42D5-98E5-E0523342C11A", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_k32c30:-:*:*:*:*:*:*:*", "matchCriteriaId": "6E8E4082-C625-4CC2-BD8E-3D8DD26FC5F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:lenovo:vibe_k80m:-:*:*:*:*:*:*:*", "matchCriteriaId": "AECF65FF-B344-446E-B303-BDB58FFC7290", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or \"jail breaking\" a device)."}, {"lang": "es", "value": "En los tel\u00e9fonos m\u00f3viles Lenovo VIBE, los controles de acceso incorrectos en el componente nac_server puede emplearse junto con CVE-2017-3749 y CVE-2017-3750 para elevar los privilegios a usuario root (conocido com\u00fanmente como \"rooting\" o \"jail breaking\" de un dispositivo)."}], "id": "CVE-2017-3748", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-06-29T15:29:00.207", "references": [{"source": "psirt@lenovo.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/99295"}, {"source": "psirt@lenovo.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-15823"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/99295"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-15823"}], "sourceIdentifier": "psirt@lenovo.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:google:android:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B349128A-CD08-4B2B-975B-650831183DBE (string)

versionEndIncluding : 5.1.1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:lenovo:vibe_a1600:-:*:*:*:*:*:*:* (string)

matchCriteriaId : FF657581-9D69-4310-AE50-BE48CA5D4CB9 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:lenovo:vibe_a2560:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 0CFB6B14-B5BB-48AB-92CB-CF7487512DC5 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:lenovo:vibe_a2800:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 325AC02E-E178-40D9-90D0-4E79843290B9 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:lenovo:vibe_a2860:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 339FC9D6-19B2-4B91-B899-00E5E277B303 (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:lenovo:vibe_a2880:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 06D59E67-2F49-4B3F-9437-94C7140BCF31 (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:h:lenovo:vibe_a3000:-:*:*:*:*:*:*:* (string)

matchCriteriaId : CBBAF531-27D5-44D6-9EEC-BA86172290E8 (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:h:lenovo:vibe_a3500:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 0D7D1D8F-70CB-4B2F-BC7D-1B10E7EB2077 (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:h:lenovo:vibe_a3600-d:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 6F2F72DE-F368-4A03-BFA4-56B9FA4938AF (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:h:lenovo:vibe_a3600u:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 6401481C-49A1-4886-80B8-E14569D77DA4 (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:h:lenovo:vibe_a3800-d:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 31FDA3C7-BC99-45A5-AE81-46DA8FA579C7 (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:h:lenovo:vibe_a3900:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 65E0F862-F45A-46CA-941A-99ED0FFF4272 (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:h:lenovo:vibe_a6000:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 32979F5A-1DD6-42A9-9E10-E34CFFC96626 (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:h:lenovo:vibe_a6000-i:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 898242F7-7C48-4439-8520-A0680EFD9FCD (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:h:lenovo:vibe_a6020i37:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EC57159C-1E88-43AB-A56E-66CA3AD171EE (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:h:lenovo:vibe_a6600:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 83D6A8C1-E7E2-449F-8F6C-02993935E3CB (string)

vulnerable : false (boolean)

}

15 : { »

criteria : cpe:2.3:h:lenovo:vibe_a6800:-:*:*:*:*:*:*:* (string)

matchCriteriaId : ADEF9C5D-A634-4E0D-AD7A-7F84BD7EF0CC (string)

vulnerable : false (boolean)

}

16 : { »

criteria : cpe:2.3:h:lenovo:vibe_k30-e:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 72AFFC5D-B159-4A7A-A482-455260883DC2 (string)

vulnerable : false (boolean)

}

17 : { »

criteria : cpe:2.3:h:lenovo:vibe_k30-w-cu:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B75A5EB3-6E3D-42D5-98E5-E0523342C11A (string)

vulnerable : false (boolean)

}

18 : { »

criteria : cpe:2.3:h:lenovo:vibe_k32c30:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 6E8E4082-C625-4CC2-BD8E-3D8DD26FC5F3 (string)

vulnerable : false (boolean)

}

19 : { »

criteria : cpe:2.3:h:lenovo:vibe_k80m:-:*:*:*:*:*:*:* (string)

matchCriteriaId : AECF65FF-B344-446E-B303-BDB58FFC7290 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device). (string)

}

1 : { »

lang : es (string)

value : En los teléfonos móviles Lenovo VIBE, los controles de acceso incorrectos en el componente nac_server puede emplearse junto con CVE-2017-3749 y CVE-2017-3750 para elevar los privilegios a usuario root (conocido comúnmente como "rooting" o "jail breaking" de un dispositivo). (string)

}

]

id : CVE-2017-3748 (string)

lastModified : 2025-04-20T01:37:25.860 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 7.2 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:L/AC:L/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2017-06-29T15:29:00.207 (string)

references : [ »

0 : { »

source : psirt@lenovo.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/99295 (string)

}

1 : { »

source : psirt@lenovo.com (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : https://support.lenovo.com/us/en/product_security/LEN-15823 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/99295 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : https://support.lenovo.com/us/en/product_security/LEN-15823 (string)

}

]

sourceIdentifier : psirt@lenovo.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object