CVE-2022-34888 LOW

CVE-2022-34888

Vendor Lenovo
Product Lenovo XClarity Controller
Weakness CWE-184
Published January 30, 2023
Last update March 27, 2025

CVSS base score

2.7/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

The Remote Mount feature can potentially be abused by valid, authenticated users to make connections to internal services that may not normally be accessible to users. Internal service access controls, as applicable, remain in effect.

Key dates

02Disclosure timeline

January 30, 2023 CVE published
March 27, 2025 Record updated