Search criteria
2 vulnerabilities found for EZ Media & Backup Center ix2 by Lenovo
CVE-2019-19758 (GCVE-0-2019-19758)
Vulnerability from nvd – Published: 2020-02-14 17:10 – Updated: 2024-09-16 16:23
VLAI
Summary
A vulnerability in the web interface of Lenovo EZ Media & Backup Center, ix2 & ix2-dl version 4.1.406.34763 and prior could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page.
Severity
6.1 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.lenovo.com/us/en/product_security… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | EZ Media & Backup Center ix2 |
Affected:
unspecified , ≤ 4.1.406.34763
(custom)
|
|
| Lenovo | EZ Media & Backup Center ix2-dl |
Affected:
unspecified , ≤ 4.1.406.34763
(custom)
|
Date Public
2020-02-14 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-30242"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EZ Media \u0026 Backup Center ix2",
"vendor": "Lenovo",
"versions": [
{
"lessThanOrEqual": "4.1.406.34763",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "EZ Media \u0026 Backup Center ix2-dl",
"vendor": "Lenovo",
"versions": [
{
"lessThanOrEqual": "4.1.406.34763",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Mostafa Noureldin for reporting this issue."
}
],
"datePublic": "2020-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web interface of Lenovo EZ Media \u0026 Backup Center, ix2 \u0026 ix2-dl version 4.1.406.34763 and prior could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-14T17:10:24.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-30242"
}
],
"solutions": [
{
"lang": "en",
"value": "Lenovo has ended support for Lenovo EZ Media \u0026 Backup Center, ix2 \u0026 ix2-dl as of March 31, 2019, therefore Lenovo recommends discontinuation of use. If it is not feasible to discontinue use, Lenovo recommends using the device only on trusted networks and clicking on device URLs only from trustworthy sources."
}
],
"source": {
"advisory": "LEN-30242",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2020-02-14T17:00:00.000Z",
"ID": "CVE-2019-19758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EZ Media \u0026 Backup Center ix2",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "4.1.406.34763"
}
]
}
},
{
"product_name": "EZ Media \u0026 Backup Center ix2-dl",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "4.1.406.34763"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Mostafa Noureldin for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web interface of Lenovo EZ Media \u0026 Backup Center, ix2 \u0026 ix2-dl version 4.1.406.34763 and prior could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-30242",
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/LEN-30242"
}
]
},
"solution": [
{
"lang": "en",
"value": "Lenovo has ended support for Lenovo EZ Media \u0026 Backup Center, ix2 \u0026 ix2-dl as of March 31, 2019, therefore Lenovo recommends discontinuation of use. If it is not feasible to discontinue use, Lenovo recommends using the device only on trusted networks and clicking on device URLs only from trustworthy sources."
}
],
"source": {
"advisory": "LEN-30242",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2019-19758",
"datePublished": "2020-02-14T17:10:24.379Z",
"dateReserved": "2019-12-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:23:29.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19758 (GCVE-0-2019-19758)
Vulnerability from cvelistv5 – Published: 2020-02-14 17:10 – Updated: 2024-09-16 16:23
VLAI
Summary
A vulnerability in the web interface of Lenovo EZ Media & Backup Center, ix2 & ix2-dl version 4.1.406.34763 and prior could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page.
Severity
6.1 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.lenovo.com/us/en/product_security… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | EZ Media & Backup Center ix2 |
Affected:
unspecified , ≤ 4.1.406.34763
(custom)
|
|
| Lenovo | EZ Media & Backup Center ix2-dl |
Affected:
unspecified , ≤ 4.1.406.34763
(custom)
|
Date Public
2020-02-14 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-30242"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EZ Media \u0026 Backup Center ix2",
"vendor": "Lenovo",
"versions": [
{
"lessThanOrEqual": "4.1.406.34763",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "EZ Media \u0026 Backup Center ix2-dl",
"vendor": "Lenovo",
"versions": [
{
"lessThanOrEqual": "4.1.406.34763",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Mostafa Noureldin for reporting this issue."
}
],
"datePublic": "2020-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web interface of Lenovo EZ Media \u0026 Backup Center, ix2 \u0026 ix2-dl version 4.1.406.34763 and prior could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-14T17:10:24.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-30242"
}
],
"solutions": [
{
"lang": "en",
"value": "Lenovo has ended support for Lenovo EZ Media \u0026 Backup Center, ix2 \u0026 ix2-dl as of March 31, 2019, therefore Lenovo recommends discontinuation of use. If it is not feasible to discontinue use, Lenovo recommends using the device only on trusted networks and clicking on device URLs only from trustworthy sources."
}
],
"source": {
"advisory": "LEN-30242",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2020-02-14T17:00:00.000Z",
"ID": "CVE-2019-19758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EZ Media \u0026 Backup Center ix2",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "4.1.406.34763"
}
]
}
},
{
"product_name": "EZ Media \u0026 Backup Center ix2-dl",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "4.1.406.34763"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Mostafa Noureldin for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web interface of Lenovo EZ Media \u0026 Backup Center, ix2 \u0026 ix2-dl version 4.1.406.34763 and prior could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-30242",
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/LEN-30242"
}
]
},
"solution": [
{
"lang": "en",
"value": "Lenovo has ended support for Lenovo EZ Media \u0026 Backup Center, ix2 \u0026 ix2-dl as of March 31, 2019, therefore Lenovo recommends discontinuation of use. If it is not feasible to discontinue use, Lenovo recommends using the device only on trusted networks and clicking on device URLs only from trustworthy sources."
}
],
"source": {
"advisory": "LEN-30242",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2019-19758",
"datePublished": "2020-02-14T17:10:24.379Z",
"dateReserved": "2019-12-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:23:29.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}