CVE-2002-1863

Published Dec 31, 2002

Last updated 16 years ago

Overview

Description: Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be disabled, which allows local users to access home directories via FTP even when access to all shared directories have been disabled.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:iomega:network_attached_storage:a300u:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C4C7FA6-95A4-40B7-A1B2-AF1FB93B3101"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References