CVE-2019-6160
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API.
Una vulnerabilidad en varias versiones de los productos NAS de Iomega y LenovoEMC, podrĂa permitir a un usuario no autenticado acceder a archivos en recursos compartidos de NAS por medio de la API.
*Credits:
Lenovo would like to thank WhiteHat Security and Vertical Structure for reporting this issue.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-01-11 CVE Reserved
- 2019-07-16 CVE Published
- 2023-03-07 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.lenovo.com/solutions/LEN-25557 | 2020-08-24 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Lenovo Search vendor "Lenovo" | Px12-350r Firmware Search vendor "Lenovo" for product "Px12-350r Firmware" | < 4.0.24.34808 Search vendor "Lenovo" for product "Px12-350r Firmware" and version " < 4.0.24.34808" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Px12-350r Search vendor "Lenovo" for product "Px12-350r" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ix12-300r Firmware Search vendor "Lenovo" for product "Ix12-300r Firmware" | < 4.0.24.34808 Search vendor "Lenovo" for product "Ix12-300r Firmware" and version " < 4.0.24.34808" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ix12-300r Search vendor "Lenovo" for product "Ix12-300r" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Home Media Network Hard Drive Firmware Search vendor "Lenovo" for product "Home Media Network Hard Drive Firmware" | < 3.2.16.30221 Search vendor "Lenovo" for product "Home Media Network Hard Drive Firmware" and version " < 3.2.16.30221" | cloud |
Affected
| in | Lenovo Search vendor "Lenovo" | Home Media Network Hard Drive Search vendor "Lenovo" for product "Home Media Network Hard Drive" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Storcenter Ix2-200 Firmware Search vendor "Lenovo" for product "Storcenter Ix2-200 Firmware" | < 3.2.16.30221 Search vendor "Lenovo" for product "Storcenter Ix2-200 Firmware" and version " < 3.2.16.30221" | cloud |
Affected
| in | Lenovo Search vendor "Lenovo" | Storcenter Ix2-200 Search vendor "Lenovo" for product "Storcenter Ix2-200" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Storcenter Ix4-200d Firmware Search vendor "Lenovo" for product "Storcenter Ix4-200d Firmware" | < 3.2.16.30221 Search vendor "Lenovo" for product "Storcenter Ix4-200d Firmware" and version " < 3.2.16.30221" | cloud |
Affected
| in | Lenovo Search vendor "Lenovo" | Storcenter Ix4-200d Search vendor "Lenovo" for product "Storcenter Ix4-200d" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Storcenter Ix2-200 Firmware Search vendor "Lenovo" for product "Storcenter Ix2-200 Firmware" | < 2.1.50.30227 Search vendor "Lenovo" for product "Storcenter Ix2-200 Firmware" and version " < 2.1.50.30227" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Storcenter Ix-200 Search vendor "Lenovo" for product "Storcenter Ix-200" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Storcenter Ix4-200d Firmware Search vendor "Lenovo" for product "Storcenter Ix4-200d Firmware" | < 2.1.50.30227 Search vendor "Lenovo" for product "Storcenter Ix4-200d Firmware" and version " < 2.1.50.30227" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Storcenter Ix4-200d Search vendor "Lenovo" for product "Storcenter Ix4-200d" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Storcenter Ix4-200rl Firmware Search vendor "Lenovo" for product "Storcenter Ix4-200rl Firmware" | < 2.1.50.30227 Search vendor "Lenovo" for product "Storcenter Ix4-200rl Firmware" and version " < 2.1.50.30227" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Storcenter Ix4-200rl Search vendor "Lenovo" for product "Storcenter Ix4-200rl" | - | - |
Safe
|