mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
327 lines
9.3 KiB
JSON
327 lines
9.3 KiB
JSON
{
|
|
"id": "CVE-2019-6178",
|
|
"sourceIdentifier": "psirt@lenovo.com",
|
|
"published": "2019-08-19T16:15:11.177",
|
|
"lastModified": "2022-10-14T03:22:18.217",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "An information leakage vulnerability in Iomega and LenovoEMC NAS products could allow disclosure of some device details such as Share names through the device API when Personal Cloud is enabled. This does not allow read, write, delete, or any other access to the underlying file systems and their contents."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una vulnerabilidad de filtraci\u00f3n de informaci\u00f3n en los productos NAS de Iomega y LenovoEMC, podr\u00eda permitir la divulgaci\u00f3n de algunos detalles del dispositivo, tales como nombres de Share por medio de la API del dispositivo cuando es habilitado Personal Cloud. Esto no permite leer, escribir, eliminar o cualquier otro acceso a los sistemas de archivos subyacentes y sus contenidos."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.3,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 1.4
|
|
}
|
|
],
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "psirt@lenovo.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.3,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 1.4
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 4.3
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-noinfo"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:lenovo:px12-350r_firmware:4.0.24.34808:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "96C7BA12-B49F-4918-AE76-783FE5D72311"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:lenovo:px12-350r:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ACA01452-5C7E-4D17-B0EA-1452BD8E9D3D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:lenovo:ix12-300r_firmware:4.0.24.34808:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3E03088D-AF8D-44DC-9505-8407A8EEB79D"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:lenovo:ix12-300r:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7DEEAB5E-4F49-4315-B331-E96D3C36BF7D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:lenovo:home_media_network_hard_drive_firmware:3.2.16.30221:*:*:*:cloud:*:*:*",
|
|
"matchCriteriaId": "F4543A6C-DF49-4CB9-8CDD-7C89FF236CEB"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:lenovo:home_media_network_hard_drive:-:*:*:*:cloud:*:*:*",
|
|
"matchCriteriaId": "6B4860CB-8607-4108-9FA9-1F89100D365F"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:lenovo:storecenter_ix2-200_firmware:3.2.16.30221:*:*:*:cloud:*:*:*",
|
|
"matchCriteriaId": "9723A284-20F9-4D48-B0A1-7D631D4EABA5"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:lenovo:storecenter_ix2-200:-:*:*:*:cloud:*:*:*",
|
|
"matchCriteriaId": "E03858D4-EF15-4B7D-BF8E-BEE20F6CE639"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:lenovo:storecenter_ix4-200d_firmware:3.2.16.30221:*:*:*:cloud:*:*:*",
|
|
"matchCriteriaId": "3C53D400-C373-4491-8B6A-F0C02AFA7379"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:lenovo:storecenter_ix4-200d:-:*:*:*:cloud:*:*:*",
|
|
"matchCriteriaId": "6F712AED-7A21-469B-A3D3-3D3AF39AE18D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:lenovo:storecenter_ix2-200_firmware:2.1.50.30227:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6A8050CE-8F33-47F6-9EF5-EC0662423838"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:lenovo:storecenter_ix2-200:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4C4A192B-5735-43C2-8B80-23151CC7951D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:lenovo:storecenter_ix4-200d_firmware:2.1.50.30227:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "124E6257-0C36-47C5-A9E7-2D09AA1DE340"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:lenovo:storecenter_ix4-200d:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "09FA28CB-E93C-4577-8E25-40760DDE5998"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:lenovo:storecenter_ix4-200rl_firmware:2.1.50.30227:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1021BFCD-3881-4D05-8944-3697A9B9D63A"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:lenovo:storecenter_ix4-200rl:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "34873C9B-4320-40F0-B57B-720481EF1C54"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://support.lenovo.com/solutions/LEN-25557",
|
|
"source": "psirt@lenovo.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |