CVE-2019-6158 : Security Advisory and Response

Learn about CVE-2019-6158 affecting Lenovo XClarity Administrator versions 2.0.0 to 2.3.x. Discover the impact, technical details, and mitigation steps for this high severity vulnerability.

A security audit of Lenovo XClarity Administrator (LXCA) revealed a vulnerability where HTTP proxy credentials were stored in plain text format in a log file, affecting versions 2.0.0 to 2.3.x.

Understanding CVE-2019-6158

This CVE involves the exposure of HTTP proxy credentials in plain text format in a log file within Lenovo XClarity Administrator (LXCA).

What is CVE-2019-6158?

CVE-2019-6158 is a security vulnerability in Lenovo XClarity Administrator (LXCA) that allows HTTP proxy credentials to be saved in plain text in a log file, potentially leading to information disclosure.

The Impact of CVE-2019-6158

The vulnerability has a CVSS base score of 8.7, indicating high severity; the confidentiality, integrity, and privileges required metrics are all rated high.

Technical Details of CVE-2019-6158

This section provides more technical insights into the vulnerability.

Vulnerability Description

The issue arises from HTTP proxy credentials being stored in plain text format in a log file within LXCA, potentially exposing sensitive information.

Affected Systems and Versions

        Affected Product: Lenovo XClarity Administrator
        Affected Versions: 2.0.0 to 2.3.x

Exploitation Mechanism

The vulnerability can be exploited by an attacker with high privileges who gains access to the log file containing the plain text HTTP proxy credentials.

Mitigation and Prevention

To address CVE-2019-6158, follow these mitigation steps:

Immediate Steps to Take

        Update LXCA to version 2.4 or later to eliminate the vulnerability.

Long-Term Security Practices

        Avoid storing sensitive information in plain text format.
        Regularly review and update security configurations to prevent similar vulnerabilities.
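
One way to apply the first practice to this class of bug, shown as an added example (not Lenovo's fix and not code from LXCA): a Python logging filter that masks proxy credentials before a record reaches the log file. The regex patterns, key names such as proxyPassword, and all sample values are assumptions constructed for illustration.

```python
import io
import logging
import re

# Patterns are illustrative assumptions, not LXCA's actual log format.
_URL_USERINFO = re.compile(r"\b([a-z][a-z0-9+.-]*://)[^\s/@:]+:[^\s/@]+@", re.I)
_PROXY_AUTH = re.compile(r"(proxy-authorization\s*[:=]\s*\w+\s+)\S+", re.I)
_PROXY_PASS = re.compile(r"(proxy[_-]?pass(?:word)?\s*[:=]\s*)\S+", re.I)


def redact(text: str) -> str:
    """Mask proxy credentials while keeping host and port for troubleshooting."""
    text = _URL_USERINFO.sub(r"\1***:***@", text)
    text = _PROXY_AUTH.sub(r"\1***", text)
    return _PROXY_PASS.sub(r"\1***", text)


class RedactProxyCredentials(logging.Filter):
    def filter(self, record: logging.LogRecord) -> bool:
        # Render msg % args first so secrets passed as arguments are masked too.
        record.msg = redact(record.getMessage())
        record.args = ()
        return True  # keep the record, only its text changes


def demo() -> str:
    """Log three constructed lines through the filter and return the output."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    # Attach to the handler: logger-level filters are skipped for records
    # propagated from child loggers.
    handler.addFilter(RedactProxyCredentials())
    log = logging.getLogger("proxy_redaction_demo")
    log.handlers = [handler]
    log.setLevel(logging.INFO)
    log.propagate = False
    # Constructed sample values (host, user and password are made up).
    log.info("Using proxy %s", "http://svc_proxy:S3cr3t!@proxy.example.internal:3128")
    log.info("Proxy-Authorization: Basic c3ZjX3Byb3h5OlMzY3IzdCE=")
    log.info("proxyPassword=S3cr3t! proxyHost=proxy.example.internal")
    return stream.getvalue()


if __name__ == "__main__":
    print(demo(), end="")
```

Exception tracebacks are formatted by the handler after filtering, so secrets that appear only in a traceback need separate handling.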

Patching and Updates

        Stay informed about security updates and patches released by Lenovo to address known vulnerabilities.
