漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Iomega and LenovoEMC NAS Web UI Vulnerabilities
Vulnerability Description
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the password changing functionality available to authenticated users does not require the user's current password to set a new one. As a result, attackers with access to the user's session tokens can change their password and retain access to the user's account
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Lenovo产品安全漏洞
Vulnerability Description
Lenovo Iomega StorCenter px12-450r等都是中国联想(Lenovo)公司的存储设备。 使用4.1.402.34662及之前版本固件的多款Lenovo产品中的Web UI存在安全漏洞,该漏洞源于密码更改功能没有要求用户的当前密码来设置新密码。攻击者可利用该漏洞更改用户密码,获取用户账户的访问权限。以下产品受到影响:Lenovo Iomega StorCenter px12-450r,StorCenter px12-400r,StorCenter px4-300r,StorCen
CVSS Information
N/A
Vulnerability Type
N/A