Weak Encryption of User and Administrator BIOS Passwords in Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 Servers

Weak Encryption of User and Administrator BIOS Passwords in Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 Servers

CVE-2015-3322 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors.

Learn more about our Cis Benchmark Audit For Apple Ios.