A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API.
Fixes

Solution

Update to the firmware level (or later) described for your system in the Product Impact section of LEN-25557. If it is not feasible to update the firmware immediately, partial protection can be achieved by removing any public shares and using the device only on trusted networks.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: lenovo

Published:

Updated: 2024-09-16T18:08:53.112Z

Reserved: 2019-01-11T00:00:00

Link: CVE-2019-6160

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-07-16T19:15:13.127

Modified: 2024-11-21T04:46:03.290

Link: CVE-2019-6160

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.