The Lenovo XClarity Integrator for Windows Admin Center plugin version 5.1.1 and below running on the WAC Gateway is vulnerable to Powershell Command Injection when establishing remote PowerShell commands.
Project Subscriptions
Advisories
No advisories yet.
Fixes
Solution
Update XClarity Integrator for Microsoft Windows Admin Center to version 5.2 or later.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://pcsupport.lenovo.com/us/en/product_security/home |
|
History
Thu, 16 Jul 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 16 Jul 2026 17:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Lenovo XClarity Integrator for Windows Admin Center plugin version 5.1.1 and below running on the WAC Gateway is vulnerable to Powershell Command Injection when establishing remote PowerShell commands. | |
| First Time appeared |
Lenovo
Lenovo xclarity Integrator For Microsoft Windows Admin Center |
|
| Weaknesses | CWE-78 | |
| CPEs | cpe:2.3:a:lenovo:xclarity_integrator_for_microsoft_windows_admin_center:*:*:windows:*:*:*:*:* | |
| Vendors & Products |
Lenovo
Lenovo xclarity Integrator For Microsoft Windows Admin Center |
|
| References |
| |
| Metrics |
cvssV4_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: lenovo
Published:
Updated: 2026-07-16T17:36:41.747Z
Reserved: 2026-07-01T19:52:49.119Z
Link: CVE-2026-14371
Updated: 2026-07-16T17:36:04.435Z
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses