NAS A300U
by Iomega
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1949 | Hig | 0.49 | 7.5 | 0.00 | Dec 31, 2002 | The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in cleartext, which allows remote attackers to sniff the administrative password. | ||
| CVE-2002-1863 | 0.00 | — | 0.00 | Dec 31, 2002 | Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be disabled, which allows local users to access home directories via FTP even when access to all shared directories have been disabled. | |||
| CVE-2002-1955 | 0.00 | — | 0.01 | Dec 31, 2002 | Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack. |
- risk 0.49cvss 7.5epss 0.00
The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in cleartext, which allows remote attackers to sniff the administrative password.
- CVE-2002-1863Dec 31, 2002risk 0.00cvss —epss 0.00
Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be disabled, which allows local users to access home directories via FTP even when access to all shared directories have been disabled.
- CVE-2002-1955Dec 31, 2002risk 0.00cvss —epss 0.01
Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack.