CVE-2002-1863
CVE-2002-1863 is a medium-severity vulnerability in Iomega Network Attached Storage with a CVSS 2.0 base score of 4.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 4.6)
- EPSS exploit prediction: 0% (23rd percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Iomega Network Attached Storage
- Published:
- Last modified:
Description
Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be disabled, which allows local users to access home directories via FTP even when access to all shared directories have been disabled.
Frequently asked questions
- What is CVE-2002-1863?
- Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be disabled, which allows local users to access home directories via FTP even when access to all shared directories have been disabled.
- How severe is CVE-2002-1863?
- CVE-2002-1863 has a CVSS 2.0 base score of 4.6, rated medium severity.
- Is CVE-2002-1863 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (23rd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2002-1863?
- CVE-2002-1863 affects Iomega Network Attached Storage. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2002-1863?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2002-1863 published?
- CVE-2002-1863 was published on 2002-12-31 and last updated on 2026-06-16.
References
- http://archives.neohapsis.com/archives/bugtraq/2002-10/0440.html
- http://www.iss.net/security_center/static/10530.php
Affected products (1)
- cpe:2.3:h:iomega:network_attached_storage:a300u:*:*:*:*:*:*:*