CVE DATABASE / CVE-2002-1949
CVE-2002-1949
CVSS 7.5 · HIGH
Summary
The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in cleartext, which allows remote attackers to sniff the administrative password.
CVSS 3.1 breakdown
| Base score | 7.5 (HIGH) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | NONE |
| Availability | NONE |
Weakness type (CWE)
Affected products
Iomega nas a300u firmwareIomega nas a300u
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://archives.neohapsis.com/archives/bugtraq/2002-10/0440.html
- http://www.iss.net/security_center/static/10521.php
- http://www.securityfocus.com/bid/6092
Data: NIST NVD. NVD last modified 2026-04-16. Always verify against the vendor advisory before acting.