#VU22865 Code Injection in Lenovo XClarity Controller (XCC)
Vulnerability identifier: #VU22865
Vulnerability risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-94
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Lenovo XClarity Controller (XCC)
Hardware solutions /
Firmware
Vendor: Lenovo
Description
The vulnerability allows a local user to inject arbitrary code into CSV files.
The vulnerability exists due to insufficient sanitization of user-supplied data when constructing CSV files. A local administrator can store malformed data in certain XCC server informational fields, that could result in crafted formulas being stored in an exported CSV file.
Successful exploitation of this vulnerability may allow a local administrator to execute arbitrary code and compromise of vulnerable system.
Mitigation
| Product | Minimum Fix Version | Download Link | Status Last Updated |
| ThinkAgile HX series, Machine Types: 7X82, 7Y88, 7Z03 | TEI392M | https://datacentersupport.lenovo.com/downloads/DS542158 | 2019-11-19 |
| ThinkAgile HX Series, Machine Types: 7X83,YX84,7Y89,7Y90,7Z04,7Z05,7Z06,7Z07 | CDI340M | https://datacentersupport.lenovo.com/downloads/DS542159 | 2019-11-19 |
| ThinkAgile MX Certified Nodes, Machine Types: 7Z20,7D1H | CDI340M | https://datacentersupport.lenovo.com/downloads/DS542159 | 2019-11-19 |
| ThinkAgile VX series, Machine Types: 7Y11, 7Y12, 7Y92 | TEI392M | https://datacentersupport.lenovo.com/downloads/DS542158 | 2019-11-19 |
| ThinkAgile VX Series, Machine Types: 7Y13,7Y14,7Y93,7Y94 | CDI340M | https://datacentersupport.lenovo.com/downloads/DS542159 | 2019-11-19 |
| ThinkSystem SD530, Machine Types: 7X21 | TEI392M | https://datacentersupport.lenovo.com/downloads/DS542158 | 2019-11-19 |
| ThinkSystem SD650 DWC Dual Node Tray, Machine Types: 7X58 | TEI392M | https://datacentersupport.lenovo.com/downloads/DS542158 | 2019-11-19 |
| ThinkSystem SN550, Machine Types: 7X16 | TEI392M | https://datacentersupport.lenovo.com/downloads/DS542158 | 2019-11-19 |
| ThinkSystem SN850, Machine Types: 7X15 | TEI392M | https://datacentersupport.lenovo.com/downloads/DS542158 | 2019-11-19 |
| ThinkSystem SR150 / SR158, Machine Types: 7Y54,7Y55 | TEI392M | https://datacentersupport.lenovo.com/downloads/DS542158 | 2019-11-19 |
| ThinkSystem SR250/SR258, Machine Types: 7Y51,7Y52,7Y72,7Y73,7Y53 | TEI392M | https://datacentersupport.lenovo.com/downloads/DS542158 | 2019-11-19 |
| ThinkSystem SR530, Machine Types: 7X07,7X08 | CDI340M | https://datacentersupport.lenovo.com/downloads/DS542159 | 2019-11-19 |
| ThinkSystem SR550, Machine Types: 7X03,7X04 | CDI340M | https://datacentersupport.lenovo.com/downloads/DS542159 | 2019-11-19 |
| ThinkSystem SR570, Machine Types: 7Y02,7Y03 | CDI340M | https://datacentersupport.lenovo.com/downloads/DS542159 | 2019-11-19 |
| ThinkSystem SR590, Machine Types: 7X98,7X99 | CDI340M | https://datacentersupport.lenovo.com/downloads/DS542159 | 2019-11-19 |
| ThinkSystem SR630, Machine Types: 7X01,7X02 | CDI340M | https://datacentersupport.lenovo.com/downloads/DS542159 | 2019-11-19 |
| ThinkSystem SR650, Machine Types: 7X05,7X06 | CDI340M | https://datacentersupport.lenovo.com/downloads/DS542159 | 2019-11-19 |
| ThinkSystem SR670 Server, Machine Types: 7Y36, 7Y37, 7Y38 | G1I312 | https://datacentersupport.lenovo.com/downloads/DS542157 | 2019-11-19 |
| ThinkSystem SR850, Machine Types: 7X18, 7X19 | TEI392M | https://datacentersupport.lenovo.com/downloads/DS542158 | 2019-11-19 |
| ThinkSystem SR860, Machine Types: 7X69, 7X70 | TEI392M | https://datacentersupport.lenovo.com/downloads/DS542158 | 2019-11-19 |
| ThinkSystem SR950 Server, Machine Types: 7X11,7X12,7X13,7Y95,7Y96,7Z08,7Z09 | PSI328M | https://datacentersupport.lenovo.com/downloads/DS542206 | 2019-11-19 |
| ThinkSystem ST250/ST258, Machine Types: 7Y45,7Y46,7Y47 | TEI392M | https://datacentersupport.lenovo.com/downloads/DS542158 | 2019-11-19 |
| ThinkSystem ST550, Machine Types: 7X09,7X10 | CDI340M | https://datacentersupport.lenovo.com/downloads/DS542159 | 2019-11-19 |
| ThinkSystem ST558, Machine Types: 7Y15,7Y16 | CDI340M | https://datacentersupport.lenovo.com/downloads/DS542159 | 2019-11-19 |
Vulnerable software versions
Lenovo XClarity Controller (XCC): 1.02 - 2.85
External links
http://support.lenovo.com/solutions/LEN-29118
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
