CVE-2019-6178
Severity Score
5.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An information leakage vulnerability in Iomega and LenovoEMC NAS products could allow disclosure of some device details such as Share names through the device API when Personal Cloud is enabled. This does not allow read, write, delete, or any other access to the underlying file systems and their contents.
Una vulnerabilidad de filtración de información en los productos NAS de Iomega y LenovoEMC, podría permitir la divulgación de algunos detalles del dispositivo, tales como nombres de Share por medio de la API del dispositivo cuando es habilitado Personal Cloud. Esto no permite leer, escribir, eliminar o cualquier otro acceso a los sistemas de archivos subyacentes y sus contenidos.
*Credits:
Lenovo would like to thank Rafael Pedrero for reporting this issue.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-01-11 CVE Reserved
- 2019-08-19 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.lenovo.com/solutions/LEN-25557 | 2022-10-14 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Lenovo Search vendor "Lenovo" | Px12-350r Firmware Search vendor "Lenovo" for product "Px12-350r Firmware" | 4.0.24.34808 Search vendor "Lenovo" for product "Px12-350r Firmware" and version "4.0.24.34808" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Px12-350r Search vendor "Lenovo" for product "Px12-350r" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ix12-300r Firmware Search vendor "Lenovo" for product "Ix12-300r Firmware" | 4.0.24.34808 Search vendor "Lenovo" for product "Ix12-300r Firmware" and version "4.0.24.34808" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ix12-300r Search vendor "Lenovo" for product "Ix12-300r" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Home Media Network Hard Drive Firmware Search vendor "Lenovo" for product "Home Media Network Hard Drive Firmware" | 3.2.16.30221 Search vendor "Lenovo" for product "Home Media Network Hard Drive Firmware" and version "3.2.16.30221" | cloud |
Affected
| in | Lenovo Search vendor "Lenovo" | Home Media Network Hard Drive Search vendor "Lenovo" for product "Home Media Network Hard Drive" | - | cloud |
Safe
|
| Lenovo Search vendor "Lenovo" | Storecenter Ix2-200 Firmware Search vendor "Lenovo" for product "Storecenter Ix2-200 Firmware" | 3.2.16.30221 Search vendor "Lenovo" for product "Storecenter Ix2-200 Firmware" and version "3.2.16.30221" | cloud |
Affected
| in | Lenovo Search vendor "Lenovo" | Storecenter Ix2-200 Search vendor "Lenovo" for product "Storecenter Ix2-200" | - | cloud |
Safe
|
| Lenovo Search vendor "Lenovo" | Storecenter Ix4-200d Firmware Search vendor "Lenovo" for product "Storecenter Ix4-200d Firmware" | 3.2.16.30221 Search vendor "Lenovo" for product "Storecenter Ix4-200d Firmware" and version "3.2.16.30221" | cloud |
Affected
| in | Lenovo Search vendor "Lenovo" | Storecenter Ix4-200d Search vendor "Lenovo" for product "Storecenter Ix4-200d" | - | cloud |
Safe
|
| Lenovo Search vendor "Lenovo" | Storecenter Ix2-200 Firmware Search vendor "Lenovo" for product "Storecenter Ix2-200 Firmware" | 2.1.50.30227 Search vendor "Lenovo" for product "Storecenter Ix2-200 Firmware" and version "2.1.50.30227" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Storecenter Ix2-200 Search vendor "Lenovo" for product "Storecenter Ix2-200" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Storecenter Ix4-200d Firmware Search vendor "Lenovo" for product "Storecenter Ix4-200d Firmware" | 2.1.50.30227 Search vendor "Lenovo" for product "Storecenter Ix4-200d Firmware" and version "2.1.50.30227" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Storecenter Ix4-200d Search vendor "Lenovo" for product "Storecenter Ix4-200d" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Storecenter Ix4-200rl Firmware Search vendor "Lenovo" for product "Storecenter Ix4-200rl Firmware" | 2.1.50.30227 Search vendor "Lenovo" for product "Storecenter Ix4-200rl Firmware" and version "2.1.50.30227" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Storecenter Ix4-200rl Search vendor "Lenovo" for product "Storecenter Ix4-200rl" | - | - |
Safe
|