Vulnerabilities > Lenovo > Xclarity Integrator > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-11-30 CVE-2018-9072 Improper Input Validation vulnerability in Lenovo Xclarity Integrator
In versions prior to 5.5, LXCI for VMware allows an authenticated user to download any system file due to insufficient input sanitization during file downloads.
network
low complexity
lenovo CWE-20
6.5
6.5
2018-11-30 CVE-2018-16097 Unrestricted Upload of File with Dangerous Type vulnerability in Lenovo Xclarity Integrator
LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate.
network
low complexity
lenovo CWE-434
6.5
6.5
2018-11-30 CVE-2018-16093 Unrestricted Upload of File with Dangerous Type vulnerability in Lenovo Xclarity Integrator
In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup file.
network
low complexity
lenovo CWE-434
6.5
6.5