Lenovo Xclarity Controller — known CVE vulnerabilities
Every CVE whose affected-product data names Lenovo Xclarity Controller, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-6187 — CVSS 6.5 (medium): A stored CSV Injection vulnerability was reported in Lenovo XClarity Controller (XCC) that could allow an administrative or other…
CVE-2019-6195 — CVSS 4.8 (medium): An authorization bypass exists in Lenovo XClarity Controller (XCC) versions prior to 3.08 CDI340V, 3.01 TEI392O, 1.71 PSI328N where a valid…
CVE-2021-3473 — CVSS 4.5 (medium): An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be…
CVE-2021-3956 — CVSS 4.3 (medium): A read-only authentication bypass vulnerability was reported in the Third Quarter 2021 release of Lenovo XClarity Controller (XCC) firmware…