Lenovo Chassis Management Module (CMM) Prior to Version 2.0.0 Information Disclosure Vulnerability
CVE-2018-9071 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows unauthenticated users to retrieve information related to the current authentication configuration settings. Exposed settings relate to password lengths, expiration, and lockout configuration.
Learn more about our User Device Pen Test.