A valid XCC users local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as “Local First, then LDAP”.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Thinkagile_hx5530_firmware | Lenovo | * | * |