CVE 2016-8230

In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send system serial number, machine type and model and product name to Lenovo's servers.

See the CVE page on Mitre.org for more details.