5.3
CVE-2019-6178
- EPSS 0.37%
- Published 19.08.2019 16:15:11
- Last modified 21.11.2024 04:46:06
- Source psirt@lenovo.com
- Teams watchlist Login
- Open Login
An information leakage vulnerability in Iomega and LenovoEMC NAS products could allow disclosure of some device details such as Share names through the device API when Personal Cloud is enabled. This does not allow read, write, delete, or any other access to the underlying file systems and their contents.
Data is provided by the National Vulnerability Database (NVD)
Lenovo ≫ Px12-350r Firmware Version4.0.24.34808
Lenovo ≫ Ix12-300r Firmware Version4.0.24.34808
Lenovo ≫ Home Media Network Hard Drive Firmware Version3.2.16.30221 SwEditioncloud
Lenovo ≫ Storecenter Ix2-200 Firmware Version3.2.16.30221 SwEditioncloud
Lenovo ≫ Storecenter Ix4-200d Firmware Version3.2.16.30221 SwEditioncloud
Lenovo ≫ Storecenter Ix2-200 Firmware Version2.1.50.30227
Lenovo ≫ Storecenter Ix4-200d Firmware Version2.1.50.30227
Lenovo ≫ Storecenter Ix4-200rl Firmware Version2.1.50.30227
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.556 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
| psirt@lenovo.com | 5.3 | 3.9 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|