CVE-2017-3763

medium

Published 2017-09-22 · Modified 2026-05-13

CVSS v3

6.7

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2

2.1

VIR risk

6.7

Description

An attacker who obtains access to the location where the LXCA file system is stored may be able to access credentials of local LXCA accounts in LXCA versions earlier than 1.3.2.

Predictions

Exploit likelihood

66%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@lenovo.com — https://support.lenovo.com/us/en/product_security/LEN-16333

Application impact

Vendor	Product	Versions	Fixed
lenovo	xclarity_administrator	`{"endIncluding":"1.3.1"}`

References

https://support.lenovo.com/us/en/product_security/LEN-16333
https://support.lenovo.com/us/en/product_security/LEN-16333

Verify integrity in audit chain (admin only). AS-IS.