Sign-up

ID

VAR-201911-0275


CVE

CVE-2019-6186


TITLE

Lenovo System Interface Foundation Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2019-012218

DESCRIPTION

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user. Lenovo System Interface Foundation Has unspecified vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Lenovo System Interface Foundation is a set of software used by China Lenovo (Lenovo) to communicate with hardware devices

Trust: 1.71

sources: NVD: CVE-2019-6186 // JVNDB: JVNDB-2019-012218 // VULHUB: VHN-157621

AFFECTED PRODUCTS

vendor:lenovomodel:system interface foundationscope:ltversion:1.1.18.3

Trust: 1.8

vendor:lenovomodel:system interface foundationscope:eqversion: -

Trust: 0.6

sources: JVNDB: JVNDB-2019-012218 // CNNVD: CNNVD-201911-1142 // NVD: CVE-2019-6186

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-6186
value: HIGH

Trust: 1.0

NVD: CVE-2019-6186
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201911-1142
value: HIGH

Trust: 0.6

VULHUB: VHN-157621
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-6186
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-157621
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-6186
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-6186
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-157621 // JVNDB: JVNDB-2019-012218 // CNNVD: CNNVD-201911-1142 // NVD: CVE-2019-6186

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2019-6186

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201911-1142

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201911-1142

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-012218

PATCH
title:LEN-29198url:https://support.lenovo.com/solutions/LEN-29198
Trust: 0.8
title:Lenovo System Interface Foundation Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103493
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-012218 // 
            
            
            
            CNNVD: CNNVD-201911-1142

EXTERNAL IDS
db:NVDid:CVE-2019-6186
Trust: 2.5
db:LENOVOid:LEN-29198
Trust: 1.7
db:JVNDBid:JVNDB-2019-012218
Trust: 0.8
db:CNNVDid:CNNVD-201911-1142
Trust: 0.7
db:CNVDid:CNVD-2020-10124
Trust: 0.1
db:VULHUBid:VHN-157621
Trust: 0.1
sources:
            
            
            VULHUB: VHN-157621 // 
            
            
            
            JVNDB: JVNDB-2019-012218 // 
            
            
            
            CNNVD: CNNVD-201911-1142 // 
            
            
            
            NVD: CVE-2019-6186

REFERENCES
url:https://support.lenovo.com/solutions/len-29198
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2019-6186
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6186
Trust: 0.8
url:https://support.lenovo.com/us/en/product_security/len-29198
Trust: 0.6
sources:
            
            
            VULHUB: VHN-157621 // 
            
            
            
            JVNDB: JVNDB-2019-012218 // 
            
            
            
            CNNVD: CNNVD-201911-1142 // 
            
            
            
            NVD: CVE-2019-6186

SOURCES
db:VULHUBid:VHN-157621
db:JVNDBid:JVNDB-2019-012218
db:CNNVDid:CNNVD-201911-1142
db:NVDid:CVE-2019-6186

LAST UPDATE DATE
2024-11-23T22:51:37.567000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-157621date:2019-11-22T00:00:00
db:JVNDBid:JVNDB-2019-012218date:2019-11-27T00:00:00
db:CNNVDid:CNNVD-201911-1142date:2019-11-25T00:00:00
db:NVDid:CVE-2019-6186date:2024-11-21T04:46:07.467

SOURCES RELEASE DATE
db:VULHUBid:VHN-157621date:2019-11-20T00:00:00
db:JVNDBid:JVNDB-2019-012218date:2019-11-27T00:00:00
db:CNNVDid:CNNVD-201911-1142date:2019-11-19T00:00:00
db:NVDid:CVE-2019-6186date:2019-11-20T02:15:10.740