5.3
CVE-2019-6178
- EPSS 0.37%
- Veröffentlicht 19.08.2019 16:15:11
- Zuletzt bearbeitet 21.11.2024 04:46:06
- Quelle psirt@lenovo.com
- Teams Watchlist Login
- Unerledigt Login
An information leakage vulnerability in Iomega and LenovoEMC NAS products could allow disclosure of some device details such as Share names through the device API when Personal Cloud is enabled. This does not allow read, write, delete, or any other access to the underlying file systems and their contents.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Lenovo ≫ Px12-350r Firmware Version4.0.24.34808
Lenovo ≫ Ix12-300r Firmware Version4.0.24.34808
Lenovo ≫ Home Media Network Hard Drive Firmware Version3.2.16.30221 SwEditioncloud
Lenovo ≫ Storecenter Ix2-200 Firmware Version3.2.16.30221 SwEditioncloud
Lenovo ≫ Storecenter Ix4-200d Firmware Version3.2.16.30221 SwEditioncloud
Lenovo ≫ Storecenter Ix2-200 Firmware Version2.1.50.30227
Lenovo ≫ Storecenter Ix4-200d Firmware Version2.1.50.30227
Lenovo ≫ Storecenter Ix4-200rl Firmware Version2.1.50.30227
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.556 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
| psirt@lenovo.com | 5.3 | 3.9 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|