Lucene search

[email protected]CVE-2002-1863

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-1863

2022-10-0316:23:47

[email protected]

web.nvd.nist.gov

iomega

nas

a300u

ftp

access control

security vulnerability

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be disabled, which allows local users to access home directories via FTP even when access to all shared directories have been disabled.

Affected configurations

NVD

Node

iomeganetwork_attached_storageMatcha300u

CPENameOperatorVersion
iomega:network_attached_storageiomega network attached storageeqa300u

CPE	Name	Operator	Version
iomega:network_attached_storage	iomega network attached storage	eq	a300u

References

archives.neohapsis.com/archives/bugtraq/2002-10/0440.html

www.iss.net/security_center/static/10530.php

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2002-1863

nvd1 cvelist1