CVE-2019-6160
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API.
Affected (8)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.0.24.34808 |
| Running on/with | Platform Versions |
|---|---|
Lenovo Px12 350r | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.0.24.34808 |
| Running on/with | Platform Versions |
|---|---|
Lenovo Ix12 300r | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.16.30221 |
| Running on/with | Platform Versions |
|---|---|
Lenovo Home Media Network Hard Drive | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.16.30221 |
| Running on/with | Platform Versions |
|---|---|
Lenovo Storcenter Ix2 200 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.16.30221 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.1.50.30227 |
| Running on/with | Platform Versions |
|---|---|
Lenovo Storcenter Ix 200 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.1.50.30227 |
| Running on/with | Platform Versions |
|---|---|
Lenovo Storcenter Ix4 200d | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.1.50.30227 |
| Running on/with | Platform Versions |
|---|---|
Lenovo Storcenter Ix4 200rl | All versions |
References (2)
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.