Vulnerabilities > Lenovo > A1 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-18 | CVE-2021-42848 | Missing Authorization vulnerability in Lenovo products An information disclosure vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to retrieve device and networking details. | 5.3 |
| 2022-05-18 | CVE-2021-42849 | Improper Authentication vulnerability in Lenovo products A weak default password for the serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical access. | 6.8 |
| 2022-05-18 | CVE-2021-42851 | Unspecified vulnerability in Lenovo products A vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to create a standard user account. | 5.3 |