Clear text storage of HTTP proxy credentials in Lenovo XClarity Administrator (LXCA) log files

Clear text storage of HTTP proxy credentials in Lenovo XClarity Administrator (LXCA) log files

CVE-2019-6158 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text. This only affects LXCA when HTTP proxy credentials have been configured. This affects LXCA versions 2.0.0 to 2.3.x.

Learn more about our Internal Network Penetration Testing.