Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-38510

HIGH
Published 2024-07-26T19:45:12.150Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-38510. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
7.2
/10
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.012
probability
of exploitation in the wild

There is a 1.2% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.778
Higher than 77.8% of all CVEs

Attack Vector Metrics

Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED

Impact Metrics

Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Description

A privilege escalation vulnerability was discovered in the SSH captive command shell interface that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Lenovo

XClarity Controller

Affected Versions:

various
lenovo

thinkagile_hx5530_firmware

Affected Versions:

0
lenovo

thinkagile_hx7530_firmware

Affected Versions:

0
lenovo

thinkagile_vx3331_firmware

Affected Versions:

0
lenovo

thinkagile_hx_enclosure_certified_node_firmware

Affected Versions:

0
lenovo

thinkagile_hx1021_edg_firmware

Affected Versions:

0
lenovo

thinkagile_hx1320_firmware

Affected Versions:

0
lenovo

thinkagile_hx1331_firmware

Affected Versions:

0
lenovo

thinkagile_hx1321_firmware

Affected Versions:

0
lenovo

thinkagile_hx1520-r_firmware

Affected Versions:

0
lenovo

thinkagile_hx1521-r_firmware

Affected Versions:

0
lenovo

thinkagile_hx2320-e_firmware

Affected Versions:

0
lenovo

thinkagile_hx2321_firmware

Affected Versions:

0
lenovo

thinkagile_hx2330_firmware

Affected Versions:

0
lenovo

thinkagile_hx2331_firmware

Affected Versions:

0
lenovo

thinkagile_hx2720-e_firmware

Affected Versions:

0
lenovo

thinkagile_hx3320_firmware

Affected Versions:

0
lenovo

thinkagile_hx3321_firmware

Affected Versions:

0
lenovo

thinkagile_hx3330_firmware

Affected Versions:

0
lenovo

thinkagile_hx3331

Affected Versions:

0
lenovo

thinkagile_hx3375_firmware

Affected Versions:

0
lenovo

thinkagile_hx3376_firmware

Affected Versions:

0
lenovo

thinkagile_hx3520-g_firmware

Affected Versions:

0
lenovo

thinkagile_hx3521-g_firmware

Affected Versions:

0
lenovo

thinkagile_hx3720_firmware

Affected Versions:

0
lenovo

thinkagile_hx3721_firmware

Affected Versions:

0
lenovo

thinkagile_hx5520-c_firmware

Affected Versions:

0
lenovo

thinkagile_hx5521-c_firmware

Affected Versions:

0
lenovo

thinkagile_hx5531_firmware

Affected Versions:

0
lenovo

thinkagile_hx7520_firmware

Affected Versions:

0
lenovo

thinkagile_hx7521_firmware

Affected Versions:

0
lenovo

thinkagile_hx7521_firmware

Affected Versions:

0
lenovo

thinkagile_hx7530_firmware

Affected Versions:

0
lenovo

thinkagile_hx7531_firmware

Affected Versions:

0
lenovo

thinkagile_hx7820_firmware

Affected Versions:

0
lenovo

thinkagile_hx7821_firmware

Affected Versions:

0
lenovo

thinkagile_mx1020_firmware

Affected Versions:

0
lenovo

thinkagile_mx3330-f_firmware

Affected Versions:

0
lenovo

thinkagile_mx3330-h_firmware

Affected Versions:

0
lenovo

thinkagile_mx3331-f_firmware

Affected Versions:

0
lenovo

thinkagile_mx3331-h_firmware

Affected Versions:

0
lenovo

thinkagile_mx3530_f_firmware

Affected Versions:

0
lenovo

thinkagile_mx3530-h_firmware

Affected Versions:

0
lenovo

thinkagile_mx3531-f_firmware

Affected Versions:

0
lenovo

thinkagile_vx1320_firmware

Affected Versions:

0
lenovo

thinkagile_vx2320_firmware

Affected Versions:

0
lenovo

thinkagile_vx2330_firmware

Affected Versions:

0
lenovo

thinkagile_vx3320_firmware

Affected Versions:

0
lenovo

thinkagile_vx3330_firmware

Affected Versions:

0
lenovo

thinkagile_vx3520-g_firmware

Affected Versions:

0
lenovo

thinkagile_vx3530-g_firmware

Affected Versions:

0
lenovo

thinkagile_vx3720_firmware

Affected Versions:

0
lenovo

thinkagile_vx5520_firmware

Affected Versions:

0
lenovo

thinkagile_vx5530_firmware

Affected Versions:

0
lenovo

thinkagile_vx7320_n_firmware

Affected Versions:

0
lenovo

thinkagile_vx7330_firmware

Affected Versions:

0
lenovo

thinkagile_vx7520_firmware

Affected Versions:

0
lenovo

thinkagile_vx7520_n_firmware

Affected Versions:

0
lenovo

thinkagile_vx7530_firmware

Affected Versions:

0
lenovo

thinkagile_vx7531_firmware

Affected Versions:

0
lenovo

thinkagile_vx7820_firmware

Affected Versions:

0
lenovo

thinkstation_p920_workstation_firmware

Affected Versions:

0
lenovo

thinksystem_st250_firmware

Affected Versions:

0
lenovo

thinksystem_sd530_firmware

Affected Versions:

0
lenovo

thinksystem_sd630_v2_firmware

Affected Versions:

0
lenovo

thinksystem_sd650_dual_node_tray_firmware

Affected Versions:

0 0
lenovo

thinksystem_sd650-n_v2_firmware

Affected Versions:

0
lenovo

thinksystem_sd650_v3_firmware

Affected Versions:

0
lenovo

thinksystem_sd665_v3_firmware

Affected Versions:

0
lenovo

thinksystem_se350_firmware

Affected Versions:

0
lenovo

thinksystem_sn550_firmware

Affected Versions:

0 0
lenovo

thinksystem_sn550_v2_firmware

Affected Versions:

0
lenovo

thinksystem_sn850_firmware

Affected Versions:

0 0
lenovo

thinksystem_sr150_firmware

Affected Versions:

0
lenovo

thinksystem_sr158_firmware

Affected Versions:

0
lenovo

thinksystem_sr250_firmware

Affected Versions:

0
lenovo

thinksystem_sr250_v2_firmware

Affected Versions:

0
lenovo

thinksystem_sr258_firmware

Affected Versions:

0
lenovo

thinksystem_sr258_v2_firmware

Affected Versions:

0
lenovo

thinksystem_sr530_firmware

Affected Versions:

0
lenovo

thinksystem_sr550_firmware

Affected Versions:

0
lenovo

thinksystem_sr570_firmware

Affected Versions:

0
lenovo

thinksystem_sr590_firmware

Affected Versions:

0
lenovo

thinksystem_sr630_firmware

Affected Versions:

0
lenovo

thinksystem_sr630_v2_firmware

Affected Versions:

0
lenovo

thinksystem_sr630_v3_firmware

Affected Versions:

0
lenovo

thinksystem_sr635_firmware

Affected Versions:

0
lenovo

thinksystem_sr645_firmware

Affected Versions:

0
lenovo

thinksystem_sr645_v3_firmware

Affected Versions:

0
lenovo

thinksystem_sr650_firmware

Affected Versions:

0
lenovo

thinksystem_sr650_v2_firmware

Affected Versions:

0
lenovo

thinksystem_sr655_v3_firmware

Affected Versions:

0
lenovo

thinksystem_sr665_firmware

Affected Versions:

0
lenovo

thinksystem_sr665_v3_firmware

Affected Versions:

0 0
lenovo

thinksystem_sr670_firmware

Affected Versions:

0
lenovo

thinksystem_sr670_v2_firmware

Affected Versions:

0
lenovo

thinksystem_sr670_v2_firmware

Affected Versions:

0
lenovo

thinksystem_sr675_v3_firmware

Affected Versions:

0
lenovo

thinksystem_sr850_firmware

Affected Versions:

0 0
lenovo

thinksystem_sr850_v2_firmware

Affected Versions:

0
lenovo

thinksystem_sr850_v3_firmware

Affected Versions:

0
lenovo

thinksystem_sr850p_firmware

Affected Versions:

0
lenovo

thinksystem_sr860_firmware

Affected Versions:

0
lenovo

thinksystem_sr860_v2_firmware

Affected Versions:

0
lenovo

thinksystem_sr860_v3_firmware

Affected Versions:

0
lenovo

thinksystem_sr950_firmware

Affected Versions:

0
lenovo

thinksystem_st250_firmware

Affected Versions:

0
lenovo

thinksystem_st250_v2_firmware

Affected Versions:

0
lenovo

thinksystem_st258_firmware

Affected Versions:

0
lenovo

thinksystem_st258_v2_firmware

Affected Versions:

0
lenovo

thinksystem_st550_firmware

Affected Versions:

0
lenovo

thinksystem_st650_v2_firmware

Affected Versions:

0
lenovo

thinksystem_st650_v3_firmware

Affected Versions:

0
lenovo

thinksystem_st658_v2_firmware

Affected Versions:

0
lenovo

thinksystem_st658_v3_firmware

Affected Versions:

0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-9p3q-q3jf-q5p4

Advisory Details

A privilege escalation vulnerability was discovered in the SSH captive command shell interface that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-38510
WEB https://support.lenovo.com/us/en/product_security/LEN-156781

Advisory provided by GitHub Security Advisory Database. Published: July 26, 2024, Modified: July 26, 2024

References

https://support.lenovo.com/us/en/product_security/LEN-156781
Published: 2024-07-26T19:45:12.150Z
Last Modified: 2024-08-02T04:12:24.688Z
Copied to clipboard!