CVEs-PoC/2017/CVE-2017-3764.md

### [CVE-2017-3764](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3764)
![](https://img.shields.io/static/v1?label=Product&message=xClarity%20Administrator&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Earlier%20than%201.4.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Unauthenticated%20User%20Enumeration&color=brightgreen)

### Description

A vulnerability was identified in Lenovo XClarity Administrator (LXCA) before 1.4.0 where LXCA user account names may be exposed to unauthenticated users with access to the LXCA web user interface. No password information of the user accounts is exposed.

### POC

#### Reference
- https://support.lenovo.com/us/en/product_security/LEN-16335

#### Github
No PoCs found on GitHub currently.