Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Thinkserver_rd650_firmware | Lenovo | * | 1.25.0 (including) |