Vulnerabilities > Lenovo > Solution Center
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-27 | CVE-2015-8536 | Cross-Site Request Forgery (CSRF) vulnerability in Lenovo Solution Center 3.3.0001/3.3.002 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 8.8 |
| 2020-03-27 | CVE-2015-8535 | Path Traversal vulnerability in Lenovo Solution Center 3.3.0001/3.3.002 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 7.8 |
| 2020-03-27 | CVE-2015-8534 | Improper Privilege Management vulnerability in Lenovo Solution Center 3.3.0001/3.3.002 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 7.8 |
| 2019-08-21 | CVE-2019-6177 | Information Exposure vulnerability in Lenovo Solution Center 03.12.003 A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. | 9.8 |
| 2017-05-23 | CVE-2016-1876 | Permissions, Privileges, and Access Controls vulnerability in Lenovo Solution Center 3.3.0001 The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors. | 7.8 |
| 2016-06-30 | CVE-2016-5249 | Permissions, Privileges, and Access Controls vulnerability in Lenovo Solution Center 3.3.0001/3.3.002 Lenovo Solution Center (LSC) before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly. | 7.8 |
| 2016-06-30 | CVE-2016-5248 | Permissions, Privileges, and Access Controls vulnerability in Lenovo Solution Center 3.3.0001/3.3.002 The StopProxy command in LSC.Services.SystemService in Lenovo Solution Center before 3.3.003 allows local users to terminate arbitrary processes via the PID argument. | 5.5 |