CVE-2015-8108

Published Apr 12, 2016

Last updated 9 years ago

CVSS medium 5.3

Overview

Description: The management interface in LenovoEMC EZ Media & Backup (hm3), ix2/ix2-dl, ix4-300d, px12-400r/450r, px6-300d, px2-300d, px4-300r, px4-400d, px4-400r, and px4-300d NAS devices with firmware before 4.1.204.33661 allows remote attackers to obtain sensitive device information via unspecified vectors.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 5.3
Impact score: 1.4
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-254

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:lenovo:emc_firmware:4.1.204.33661:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA7D8F99-65F6-454C-BEF5-D619007E712A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:lenovo:emc_ez_media_\\&_backup_\\(hm3\\):-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FEAD1158-A066-4490-B39A-F6623F2674C8"
          },
          {
            "criteria": "cpe:2.3:h:lenovo:emc_ix2\\/ix2-dl:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F1BF51FD-5561-4AD3-A0EB-B15D3205E259"
          },
          {
            "criteria": "cpe:2.3:h:lenovo:emc_ix4-300d_\\(inc_dl\\):-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "87D7A2AB-1E0D-4551-AA87-CA59768A3CB7"
          },
          {
            "criteria": "cpe:2.3:h:lenovo:emc_px12-400r\\/450r:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C4DFA8E5-6398-4C0E-9028-9BC7315DA6AE"
          },
          {
            "criteria": "cpe:2.3:h:lenovo:emc_px2-300d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10BF8F59-83EF-472A-854C-91B99F49945C"
          },
          {
            "criteria": "cpe:2.3:h:lenovo:emc_px4-300d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D592F80E-F531-46E6-8D95-62EF9909AE3D"
          },
          {
            "criteria": "cpe:2.3:h:lenovo:emc_px4-300r:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "99A24BDF-3D2D-4038-ACEF-B75A141FFF75"
          },
          {
            "criteria": "cpe:2.3:h:lenovo:emc_px4-400d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D842ECFE-E141-4623-A9D6-C74502167270"
          },
          {
            "criteria": "cpe:2.3:h:lenovo:emc_px4-400r:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0733ED12-467A-484F-949A-E963C4C586E3"
          },
          {
            "criteria": "cpe:2.3:h:lenovo:emc_px6-300d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "82AC7528-B18B-447E-9ADC-37CB0593184F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References