Information Leakage Vulnerability in Iomega and LenovoEMC NAS Products with Personal Cloud Enabled

Information Leakage Vulnerability in Iomega and LenovoEMC NAS Products with Personal Cloud Enabled

CVE-2019-6178 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

An information leakage vulnerability in Iomega and LenovoEMC NAS products could allow disclosure of some device details such as Share names through the device API when Personal Cloud is enabled. This does not allow read, write, delete, or any other access to the underlying file systems and their contents.

Learn more about our Api Penetration Testing.