Japan Vulnerability NotesJVN:52509236JVN#52509236: HDL-A and HDL2-A Series vulnerable in session management
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
79.5%
HDL-A and HDL2-A Series provided by I-O DATA DEVICE, INC. are LAN connectable hard disk drives. HDL-A and HDL2-A Series contain a vulnerability related to the management of sessions.
Impact
A remote unauthenticated attacker may impersonate a user. As a result, information may be disclosed or altered.
Solution
Update the Firmware
Apply the firmware update provided by the developer.
Products Affected
- HDL-A Series (includes HDL-AS, HDL-AH, HDL-A/E Series) firmware version 1.07 and earlier
- HDL2-A Series (includes HDL2-AH, HDL2-A/E Series) firmware version 1.07 and earlier
Related
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
79.5%