CVE-2015-8108

Published: Apr 12, 2016Modified: May 6, 2026

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

The management interface in LenovoEMC EZ Media & Backup (hm3), ix2/ix2-dl, ix4-300d, px12-400r/450r, px6-300d, px2-300d, px4-300r, px4-400d, px4-400r, and px4-300d NAS devices with firmware before 4.1.204.33661 allows remote attackers to obtain sensitive device information via unspecified vectors.

Affected (1)

Products: Lenovo: Emc Firmware

Lenovo

1 product

Emc Firmware

Configuration A

1 vulnerable · 10 platform

Vulnerable Software	Affected Versions
Lenovo Emc Firmware	Version 4.1.204.33661

Running on/with	Platform Versions
Lenovo Emc Ez Media & Backup (hm3)	All versions
Lenovo Emc Ix2/ix2 Dl	All versions
Lenovo Emc Ix4 300d (inc Dl)	All versions
Lenovo Emc Px12 400r/450r	All versions
Lenovo Emc Px2 300d	All versions
Lenovo Emc Px4 300d	All versions
Lenovo Emc Px4 300r	All versions
Lenovo Emc Px4 400d	All versions
Lenovo Emc Px4 400r	All versions
Lenovo Emc Px6 300d	All versions

Related CWEs

CWE-254

References (2)

https://support.lenovo.com/us/en/product_security/len_3846

Source: cve@mitre.org

Vendor Advisory

https://support.lenovo.com/us/en/product_security/len_3846

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.