cvedb.io
CVE-2015-3324
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2015-04-16T23:59:05.540 · Last modified 2026-06-17T00:25:44.350

Summary

The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an "encrypted remote KVM session," which allows man-in-the-middle attackers to spoof servers.

Affected products

lenovo — thinkserver_system_manager_baseboard_management_controller_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when lenovo ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.