Lucene search

LenovoCVELIST:CVE-2019-19758

HistoryFeb 14, 2020 - 12:00 a.m.

CVE-2019-19758

2020-02-1400:00:00

CWE-601

lenovo

www.cve.org

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.0%

JSON

A vulnerability in the web interface of Lenovo EZ Media & Backup Center, ix2 & ix2-dl version 4.1.406.34763 and prior could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page.

CNA Affected

[
  {
    "product": "EZ Media & Backup Center ix2",
    "vendor": "Lenovo",
    "versions": [
      {
        "lessThanOrEqual": "4.1.406.34763",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "EZ Media & Backup Center ix2-dl",
    "vendor": "Lenovo",
    "versions": [
      {
        "lessThanOrEqual": "4.1.406.34763",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-30242

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.0%

JSON

Related for CVELIST:CVE-2019-19758