← back
CVE-2022-34888

CVE-2022-34888

CVSS 2.7 LOWEPSS 0.4%CWE-184
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 2.7EPSS 0.4%KEV nãoPoC Patch
Lifecycle
30 Jan 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Remote Mount feature can potentially be abused by valid, authenticated users to make connections to internal services that may not normally be accessible to users. Internal service access controls, as applicable, remain in effect.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Affected products
Lenovo · Lenovo XClarity Controller

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.lenovo.com/us/en/product_security/LEN-87734