A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API.
Metrics
Affected Vendors & Products
Fixes
Solution
Update to the firmware level (or later) described for your system in the Product Impact section of LEN-25557. If it is not feasible to update the firmware immediately, partial protection can be achieved by removing any public shares and using the device only on trusted networks.
Workaround
No workaround given by the vendor.
References
Link | Providers |
---|---|
https://support.lenovo.com/solutions/LEN-25557 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: lenovo
Published:
Updated: 2024-09-16T18:08:53.112Z
Reserved: 2019-01-11T00:00:00
Link: CVE-2019-6160

No data.

Status : Modified
Published: 2019-07-16T19:15:13.127
Modified: 2024-11-21T04:46:03.290
Link: CVE-2019-6160

No data.

No data.