Vulnerabilities > CVE-2019-6160 - Unspecified vulnerability in Lenovo products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

lenovo

NVD

Published: 2019-07-16

Updated: 2020-08-24

Summary

A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API.

Vulnerable Configurations

Part	Description	Count
OS	Lenovo Lenovo Px12 350R Firmware * Lenovo Ix12 300R Firmware * Lenovo Home Media Network Hard Drive Firmware * Lenovo Storcenter IX2 200 Firmware * Lenovo Storcenter IX4 200D Firmware * Lenovo Storcenter IX4 200Rl Firmware *	8
Hardware	Lenovo Lenovo Px12 350R - Lenovo Ix12 300R - Lenovo Home Media Network Hard Drive - Lenovo Storcenter IX2 200 - Lenovo Storcenter IX4 200D - Lenovo Storcenter IX 200 - Lenovo Storcenter IX4 200Rl -	7

References

https://support.lenovo.com/solutions/LEN-25557