Lenovo XClarity Controller (XCC/BMC) Firmware

Change History

XClarity Controller Firmware Update
Change History

For installation instructions, see the file, 
lnvgy_fw_xcc_usx332N-2.12_anyos_noarch_installationtips.pdf, which is provided
in the downloaded software package.  When installing firmware, Lenovo 
recommends that you use the UpdateXpress System Pack (UXSP) bundle.
==================================================
Version 2.12 USX332N [Suggested]
Release date:  2/2024
==================================================

--------------------------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------------------------
Supported products:
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------------------------
None.

-------------------------------------------------------------------------------------------
3.0 Security Fixes
-------------------------------------------------------------------------------------------
None
--------------------------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------------------------
Fix a problem that IPMI FRU command does not display M.2/7mm and backplane FRU information
--------------------------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------------------------
None
--------------------------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------------------------
None.

==================================================
Version 2.10 USX332K [Suggested]
Release date:  11/2023
==================================================

--------------------------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------------------------
Supported products:
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------------------------
None.

-------------------------------------------------------------------------------------------
3.0 Security Fixes
-------------------------------------------------------------------------------------------
CVE-2023-4128 
CVE-2023-4132 
CVE-2023-20593
CVE-2023-0160
CVE-2023-3772
CVE-2023-40283
CVE-2023-3611 
CVE-2023-3863
CVE-2023-3776
--------------------------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------------------------
Fix a problem that update Bundles from repository failed due to too large file
Fix a problem that failure message will be shown when editing Raid VD name or Assigning hotspare through XCC web interface
Fix a problem of false reporting low fan speed
Fix a problem that XCC not reporting the creation of the VD on VROC controller until we reboot
Fix a problem that M.2 SSD status is not correct 

--------------------------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------------------------
Added category of “Host NIC link up/down” in alert configuration
Added category of “Drive hotplug” for drive add/remove in alert configuration
Added support of Intel SDSi features (on Demand)
Added support for Broadcom M.2 SATA/NVMe RAID Boot Kit
Added support for Broadcom 7mm SATA/NVMe RAID Boot Kit
Added support for Non-Administrative XCC user remote console access
Added support of reporting individual drive temperature for Microchip RAID card
Added support of redfish schema to report Manufacture Date for Memory element
Added enhancement of KMIP functionality in XCC (setup & reporting)
Added support to cache the SED key from remote key management server in XCC
Added support for OOB update for sas/sata drives attached to a Broadcom RAID controller
Added enhancement of callhome feature to enable annual reminder to verify the contact information and retry for connection for LUF.
Added support in Redfish to select drives when create RAID volume
Added support to access XCC Remote Control through below URL directly 
https://<ip_address>/#/remote
Extend SNMPv1 and SNMvP2c trap destination to three
Add Fan power, Exhaust temperature, airflow calculated sensor information display on EGS/Genoa air-cooling product
Added support in redfish interface for m.2 volume resource POST & DELETE

--------------------------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------------------------
None.

==================================================
Version 1.76 USX326Q [Suggested]
Release date:  11/2023
==================================================

--------------------------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------------------------
Supported products:
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------------------------
None.

-------------------------------------------------------------------------------------------
3.0 Security Fixes
-------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------------------------
Modified thermal algorithm to monitor margin value
Fixed a defect that Qualcomm AI100 and Firmware version are not displayed

--------------------------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------------------------
None.

==================================================
Version 1.75 USX326P [Suggested]
Release date:  10/2023
==================================================

--------------------------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------------------------
Supported products:
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------------------------
None.

-------------------------------------------------------------------------------------------
3.0 Security Fixes
-------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------------------------
Fix a problem that system may not enter into LXPM inteface after click F1 key.

--------------------------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------------------------
None.

==================================================
Version 1.70 USX326L [Suggested]
Release date:  08/2023
==================================================

--------------------------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------------------------
Supported products:
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------------------------
None.

-------------------------------------------------------------------------------------------
3.0 Security Fixes
-------------------------------------------------------------------------------------------
CVE-2023-1077 CVE-2023-2002 CVE-2023-3111 CVE-2023-3141 CVE-2023-3161
CVE-2023-3220 CVE-2023-3268 CVE-2023-34256 CVE-2023-35788 CVE-2023-35823
CVE-2023-35824 CVE-2022-0400 CVE-2023-3090 CVE-2023-3338
Fixed a privilege escalation problem in the Redfish interface
Fixed a privilege escalation problem that may be triggered by an HTTP request smuggling attack
Fixed a SQL command injection problem

--------------------------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------------------------
Fix a problem that user can't use SSH key to login to XCC

--------------------------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------------------------
Added support in OneCLI to allow turning deviceorderbyfirmware on or off for any ThinkSystem 540 and 940 RAID controllers
Added support in redfish to show system OS boot status
Added support in web interface to configuration for ENM function
Extend SNMPv1 and SNMvP2c trap destination to three
Added support in Redfish for Trespass message and use DNS to discover LXCA
Added support in Redfish to modify UEFI protected setting
Added support up to 255 characters length for the SNMPv3 Privacy Password
Added support for SAN ( Subject Alternative Name) when creating a CSR in XCC web/redfish interface

--------------------------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------------------------
None.

==================================================
Version 1.61 USX324S [Suggested]
Release date:  06/2023
==================================================

--------------------------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------------------------
Supported products:
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------------------------
None.

-------------------------------------------------------------------------------------------
3.0 Security Fixes
-------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------------------------
Fixed a randomly XCC hang issue that may happen in system AC cycle to load RVAS driver.
Add support Qualcomm Cloud AI 100 
Reduce one PCIe Riser Cable for Riser2 Slot 3 when one Double width GPU is selected in current 360mm

--------------------------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------------------------
None.



==================================================
Version 1.60 USX324O [Suggested]
Release date:  3/2023
==================================================

--------------------------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------------------------
Supported products:
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------------------------
None.

-------------------------------------------------------------------------------------------
3.0 Security Fixes
-------------------------------------------------------------------------------------------
CVE-2023-0286 CVE-2022-4304 CVE-2022-4203 CVE-2023-0215 CVE-2022-4450 CVE-2023-0216 CVE-2023-0217 CVE-2023-0401
Fixed the problem that the user privilege is not granted properly through LDAP 		
Fixed one privilege escalation problem in SSH CLI

--------------------------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------------------------
None.

==================================================
Version 1.50 USX324M [Suggested]
Release date:  03/2023
==================================================

--------------------------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------------------------
Supported products:
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------------------------
None.

-------------------------------------------------------------------------------------------
3.0 Security Fixes
-------------------------------------------------------------------------------------------
CVE-2022-43750, CVE-2022-2978, CVE-2022-2964, CVE-2022-1729, CVE-2022-20158, CVE-2022-1184, CVE-2022-1016, CVE-2022-42896, CVE-2022-42895, CVE-2022-2978, CVE-2022-3625, CVE-2022-43750, CVE-2022-3435, CVE-2022-3633, CVE-2022-42895, CVE-2022-42896, CVE-2022-42719, CVE-2022-41674, CVE-2022-42720, CVE-2022-42721, CVE-2022-41222, CVE-2022-20421, CVE-2022-20422, CVE-2022-42703, CVE-2022-43680, CVE-2022-37454, CVE-2022-45061, CVE-2022-40674, CVE-2015-20107, CVE-2019-12900, CVE-2018-25032, CVE-2022-26488, CVE-2016-3189, CVE-2022-42919, CVE-2022-10735, CVE-2021-28861, CVE-2022-35951, CVE-2022-31144, CVE-2018-1000500, CVE-2021-42380, CVE-2021-42376, CVE-2021-42386, CVE-2021-42378, CVE-2021-42374, CVE-2021-42384, CVE-2021-4238,5 CVE-2021-42382, CVE-2021-42381, CVE-2021-42379, CVE-2022-2839, CVE-2022-40304, CVE-2022-40303, CVE-2022-29824, CVE-2022-2068, CVE-2022-2097, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304,  CVE-2018-25032, CVE-2022-37434, CVE-2021-45079, CVE-2022-40617, CVE-2022-1586, CVE-2022-1587, CVE-2022-29458, CVE-2021-4209, CVE-2022-2509, CVE-2022-25308, CVE-2022-254309, CVE-2022-25310, CVE-2020-35512, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-32207, CVE-2022-32205, CVE-2022-32208, CVE-2022-32206, CVE-2022-43551, CVE-2022-32221, CVE-2022-42915, CVE-2022-42916, CVE-2022-35252

--------------------------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------------------------
Improved SAS HDD drive control to allow drive go into idle_b state when there is no I/O traffic

--------------------------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------------------------
Added support to clear CMOS thru Redfish and OneCLI command
Added security modes and securtiy dashboard support
Added support of configuration for accessible interfaces for XCC local users
Added system guard support to protect system hardware from supply chain attack 
Added support of neighbor group which allows one XCC to discover and manage multiple XCCs
Added support of user configurable thermal profiles to get addtional cooling capacity
Added support of service data log with user configurable log content
Added OOB management support of Intel Virtual RAID on CPU (VROC) with SATA and NVMe drives
Enabled auto wrapping of IPMI SEL log
Added support of LLDP service
Added support to report event/alert when SSD remaining life reaches threshold
Added OOB management support for drives with generic firmware
Added support of Nvidia L4 GPU
Support for XCC eDPC log
Add ROT attestation sensor

--------------------------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------------------------
Secure Password Storage
Secure Mode
System configuration Lock 
Neighbor Group
Intel E810 Update via OOB
The default value of Password Expiration Period and Password Expiration Warning Period are changed to 0
The SNMPv3 Authentication Protocol for XCC local user accounts is set to HMAC-SHA by default
The SNMPv3 Privacy Protocol for XCC local user accounts is set to AES by default
Removed SLP support 
Removed CIM support 

--------------------------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------------------------
Does not allow to downgrade to the prior XCC code level.

==================================================
Version 1.41 USX312X [Suggested]
Release date:  12/2022
==================================================

--------------------------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------------------------
Supported products:
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------------------------
None.

-------------------------------------------------------------------------------------------
3.0 Security Fixes
-------------------------------------------------------------------------------------------
Fixed PSIRT issue of LEN-99936

--------------------------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------------------------
Fixed a problem that NVMe drives may not be detected by the system
Fixed a problem that cannot login ENM with XCC default account if its password is changed from XCC SSH CLI first after restoring XCC to factory default
Fixed a problem that email alert fails to send to Google SMTP relay service
Fixed a problem that backplanes NVMe drives fails to present in the OS or uEFI

--------------------------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------------------------
None.


==================================================
Version 1.40 USX312S [Suggested]
Release date:  11/2022
==================================================

--------------------------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------------------------
Supported products:
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------------------------
None.

-------------------------------------------------------------------------------------------
3.0 Security Fixes
-------------------------------------------------------------------------------------------
CVE-2020-15180 CVE-2020-14812 CVE-2020-14765 CVE-2021-2022 CVE-2020-28912   
CVE-2020-2814 CVE-2020-2812 CVE-2020-2752 CVE-2021-29921 CVE-2021-3177   
CVE-2020-27619 CVE-2021-3737 CVE-2013-0340 CVE-2018-25032 CVE-2022-0391   
CVE-2021-3733 CVE-2021-23336 CVE-2021-3426 CVE-2021-4189 CVE-2022-24735
CVE-2022-24736 CVE-2022-27239 CVE-2022-29869 CVE-2022-1292 CVE-2022-0778
CVE-2021-4160 CVE-2022-29458 CVE-2021-22945 CVE-2022-22576 CVE-2022-27782   
CVE-2022-27775 CVE-2022-27781 CVE-2021-22946 CVE-2022-27776 CVE-2021-22947   
CVE-2022-27774 CVE-2021-30560 CVE-2022-1966 CVE-2022-25258 CVE-2022-0494
CVE-2022-30594 CVE-2022-24958 CVE-2022-1011 CVE-2022-25375 CVE-2022-24448
CVE-2022-1012 CVE-2022-32250 CVE-2022-28356  CVE-2021-27928 CVE-2020-2760
CVE-2022-21427 CVE-2021-2194 CVE-2021-2166 CVE-2021-2154 CVE-2020-14789
CVE-2020-14776 CVE-2022-21451 CVE-2021-45960 CVE-2022-25315 CVE-2022-25236
CVE-2022-25235 CVE-2022-23990 CVE-2022-23852 CVE-2022-22824 CVE-2022-22822
CVE-2022-22823 CVE-2022-22826 CVE-2022-22827 CVE-2022-22825 CVE-2021-46143
CVE-2022-25314 CVE-2022-25313

--------------------------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------------------------
Support embedded network board 
Support Platform Firmware Resilience (PFR) 
Support Thinkshield security pack feature 
SFTP service is disabled by default and will be closed by itself after 5 minutes of inactivity

--------------------------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------------------------
None.


==================================================
Version 1.11 USX304Y [Suggested]
Release date : 8/2022
==================================================

--------------------------------------------------------------------------------------------
1.0 Overview
--------------------------------------------------------------------------------------------
Supported products:
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


Supported configurations can be found on the Lenovo Operating System 
Interoperability Guide at the following website: 
https://lenovopress.com/osig

--------------------------------------------------------------------------------------------
2.0 Prerequisites and dependencies
--------------------------------------------------------------------------------------------
None.

-------------------------------------------------------------------------------------------
3.0 Security Fixes
-------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
4.0 Other Fixes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
5.0 Enhancements
--------------------------------------------------------------------------------------------
Enhanced the security checking for virtual media and FPGA image validation.



--------------------------------------------------------------------------------------------
6.0 Other Changes
--------------------------------------------------------------------------------------------
None.

--------------------------------------------------------------------------------------------
7.0 Limitations
--------------------------------------------------------------------------------------------
None.


==================================================
Version 1.10 USX304W [Initial Release]
Release date:  4/29/2022
==================================================

This is the initial release of the product listed below.
- Supports System: Lenovo ThinkEdge SE450 Server, Machine Types: 7D8T


==================================================
Related Information
==================================================

Lenovo Data Center forums
https://forums.lenovo.com/t5/Datacenter-Systems/ct-p/sv_eg

Lenovo Data Center Support
http://datacentersupport.lenovo.com

Lenovo ThinkSystem Rack Server Customer Documentation
http://thinksystem.lenovofiles.com/help/topic/rack_servers/overview_rack_servers.html

XClarity Controller Customer Documentation
http://sysmgt.lenovofiles.com/help/topic/com.lenovo.thinksystem.xcc.doc/product_page.html

Lenovo Product Security Advisories
https://datacentersupport.lenovo.com/us/en/product_security/home