Sign-up

ID

VAR-202003-1212


CVE

CVE-2015-8534


TITLE

Lenovo Solution Center Vulnerability related to authority management in

Trust: 0.8

sources: JVNDB: JVNDB-2015-008630

DESCRIPTION

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to version 3.3.002 that could allow a user to execute arbitrary code with elevated privileges. Lenovo Solution Center (LSC) Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Lenovo Solution Center is a set of computer system monitoring software developed by China Lenovo (Lenovo). The software is capable of identifying system health, the status of network connectivity and overall system security, and more

Trust: 1.71

sources: NVD: CVE-2015-8534 // JVNDB: JVNDB-2015-008630 // VULHUB: VHN-86495

AFFECTED PRODUCTS

vendor:lenovomodel:solution centerscope:ltversion:3.3.002

Trust: 1.0

vendor:lenovomodel:solution centerscope:eqversion:3.3.002

Trust: 0.8

sources: JVNDB: JVNDB-2015-008630 // NVD: CVE-2015-8534

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-8534
value: HIGH

Trust: 1.0

NVD: JVNDB-2015-008630
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202003-1672
value: HIGH

Trust: 0.6

VULHUB: VHN-86495
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-8534
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2015-008630
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-86495
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-8534
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2015-008630
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-86495 // JVNDB: JVNDB-2015-008630 // CNNVD: CNNVD-202003-1672 // NVD: CVE-2015-8534

PROBLEMTYPE DATA

problemtype:CWE-269

Trust: 1.9

sources: VULHUB: VHN-86495 // JVNDB: JVNDB-2015-008630 // NVD: CVE-2015-8534

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202003-1672

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202003-1672

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-008630

PATCH
title:LEN-4326url:https://support.lenovo.com/us/en/product_security/len_4326
Trust: 0.8
title:Lenovo Solution Center Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113069
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2015-008630 // 
            
            
            
            CNNVD: CNNVD-202003-1672

EXTERNAL IDS
db:NVDid:CVE-2015-8534
Trust: 2.5
db:JVNDBid:JVNDB-2015-008630
Trust: 0.8
db:CNNVDid:CNNVD-202003-1672
Trust: 0.7
db:CNVDid:CNVD-2020-21036
Trust: 0.1
db:VULHUBid:VHN-86495
Trust: 0.1
sources:
            
            
            VULHUB: VHN-86495 // 
            
            
            
            JVNDB: JVNDB-2015-008630 // 
            
            
            
            CNNVD: CNNVD-202003-1672 // 
            
            
            
            NVD: CVE-2015-8534

REFERENCES
url:https://support.lenovo.com/us/en/product_security/len_4326
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2015-8534
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8534
Trust: 0.8
sources:
            
            
            VULHUB: VHN-86495 // 
            
            
            
            JVNDB: JVNDB-2015-008630 // 
            
            
            
            CNNVD: CNNVD-202003-1672 // 
            
            
            
            NVD: CVE-2015-8534

SOURCES
db:VULHUBid:VHN-86495
db:JVNDBid:JVNDB-2015-008630
db:CNNVDid:CNNVD-202003-1672
db:NVDid:CVE-2015-8534

LAST UPDATE DATE
2024-11-23T22:41:08.986000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-86495date:2020-03-31T00:00:00
db:JVNDBid:JVNDB-2015-008630date:2020-04-17T00:00:00
db:CNNVDid:CNNVD-202003-1672date:2020-04-01T00:00:00
db:NVDid:CVE-2015-8534date:2024-11-21T02:38:40.603

SOURCES RELEASE DATE
db:VULHUBid:VHN-86495date:2020-03-27T00:00:00
db:JVNDBid:JVNDB-2015-008630date:2020-04-17T00:00:00
db:CNNVDid:CNNVD-202003-1672date:2020-03-27T00:00:00
db:NVDid:CVE-2015-8534date:2020-03-27T15:15:11.770