{ "id": "CVE-2019-6178", "sourceIdentifier": "psirt@lenovo.com", "published": "2019-08-19T16:15:11.177", "lastModified": "2022-10-14T03:22:18.217", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An information leakage vulnerability in Iomega and LenovoEMC NAS products could allow disclosure of some device details such as Share names through the device API when Personal Cloud is enabled. This does not allow read, write, delete, or any other access to the underlying file systems and their contents." }, { "lang": "es", "value": "Una vulnerabilidad de filtraci\u00f3n de informaci\u00f3n en los productos NAS de Iomega y LenovoEMC, podr\u00eda permitir la divulgaci\u00f3n de algunos detalles del dispositivo, tales como nombres de Share por medio de la API del dispositivo cuando es habilitado Personal Cloud. Esto no permite leer, escribir, eliminar o cualquier otro acceso a los sistemas de archivos subyacentes y sus contenidos." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 3.9, "impactScore": 1.4 } ], "cvssMetricV30": [ { "source": "psirt@lenovo.com", "type": "Secondary", "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 3.9, "impactScore": 1.4 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:px12-350r_firmware:4.0.24.34808:*:*:*:*:*:*:*", "matchCriteriaId": "96C7BA12-B49F-4918-AE76-783FE5D72311" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:px12-350r:-:*:*:*:*:*:*:*", "matchCriteriaId": "ACA01452-5C7E-4D17-B0EA-1452BD8E9D3D" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:ix12-300r_firmware:4.0.24.34808:*:*:*:*:*:*:*", "matchCriteriaId": "3E03088D-AF8D-44DC-9505-8407A8EEB79D" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:ix12-300r:-:*:*:*:*:*:*:*", "matchCriteriaId": "7DEEAB5E-4F49-4315-B331-E96D3C36BF7D" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:home_media_network_hard_drive_firmware:3.2.16.30221:*:*:*:cloud:*:*:*", "matchCriteriaId": "F4543A6C-DF49-4CB9-8CDD-7C89FF236CEB" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:home_media_network_hard_drive:-:*:*:*:cloud:*:*:*", "matchCriteriaId": "6B4860CB-8607-4108-9FA9-1F89100D365F" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:storecenter_ix2-200_firmware:3.2.16.30221:*:*:*:cloud:*:*:*", "matchCriteriaId": "9723A284-20F9-4D48-B0A1-7D631D4EABA5" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:storecenter_ix2-200:-:*:*:*:cloud:*:*:*", "matchCriteriaId": "E03858D4-EF15-4B7D-BF8E-BEE20F6CE639" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:storecenter_ix4-200d_firmware:3.2.16.30221:*:*:*:cloud:*:*:*", "matchCriteriaId": "3C53D400-C373-4491-8B6A-F0C02AFA7379" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:storecenter_ix4-200d:-:*:*:*:cloud:*:*:*", "matchCriteriaId": "6F712AED-7A21-469B-A3D3-3D3AF39AE18D" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:storecenter_ix2-200_firmware:2.1.50.30227:*:*:*:*:*:*:*", "matchCriteriaId": "6A8050CE-8F33-47F6-9EF5-EC0662423838" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:storecenter_ix2-200:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C4A192B-5735-43C2-8B80-23151CC7951D" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:storecenter_ix4-200d_firmware:2.1.50.30227:*:*:*:*:*:*:*", "matchCriteriaId": "124E6257-0C36-47C5-A9E7-2D09AA1DE340" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:storecenter_ix4-200d:-:*:*:*:*:*:*:*", "matchCriteriaId": "09FA28CB-E93C-4577-8E25-40760DDE5998" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:storecenter_ix4-200rl_firmware:2.1.50.30227:*:*:*:*:*:*:*", "matchCriteriaId": "1021BFCD-3881-4D05-8944-3697A9B9D63A" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:storecenter_ix4-200rl:-:*:*:*:*:*:*:*", "matchCriteriaId": "34873C9B-4320-40F0-B57B-720481EF1C54" } ] } ] } ], "references": [ { "url": "https://support.lenovo.com/solutions/LEN-25557", "source": "psirt@lenovo.com", "tags": [ "Vendor Advisory" ] } ] }