Vulnerability Details CVE-2019-6178
An information leakage vulnerability in Iomega and LenovoEMC NAS products could allow disclosure of some device details such as Share names through the device API when Personal Cloud is enabled. This does not allow read, write, delete, or any other access to the underlying file systems and their contents.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.8%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 4.3
References
Products affected by CVE-2019-6178
-
cpe:2.3:h:lenovo:home_media_network_hard_drive:-
-
cpe:2.3:h:lenovo:ix12-300r:-
-
cpe:2.3:h:lenovo:px12-350r:-
-
cpe:2.3:h:lenovo:storecenter_ix2-200:-
-
cpe:2.3:h:lenovo:storecenter_ix4-200d:-
-
cpe:2.3:h:lenovo:storecenter_ix4-200rl:-
-
cpe:2.3:o:lenovo:home_media_network_hard_drive_firmware:3.2.16.30221
-
cpe:2.3:o:lenovo:ix12-300r_firmware:4.0.24.34808
-
cpe:2.3:o:lenovo:px12-350r_firmware:4.0.24.34808
-
cpe:2.3:o:lenovo:storecenter_ix2-200_firmware:2.1.50.30227
-
cpe:2.3:o:lenovo:storecenter_ix2-200_firmware:3.2.16.30221
-
cpe:2.3:o:lenovo:storecenter_ix4-200d_firmware:2.1.50.30227
-
cpe:2.3:o:lenovo:storecenter_ix4-200d_firmware:3.2.16.30221
-
cpe:2.3:o:lenovo:storecenter_ix4-200rl_firmware:2.1.50.30227