The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView prior to 4.50.09 allows remote malicious users to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
fujitsu serverview 4.10l11 |
||
fujitsu serverview 4.11l11b |
||
fujitsu serverview 4.30.3 |
||
fujitsu serverview 4.30.4 |
||
fujitsu serverview 4.40.2 |
||
fujitsu serverview 4.40.3 |
||
fujitsu serverview 4.50.4 |
||
fujitsu serverview 4.50.5 |
||
fujitsu serverview 3.60l98 |
||
fujitsu serverview 3.60l99 |
||
fujitsu serverview 4.30.13 |
||
fujitsu serverview 4.30.2 |
||
fujitsu serverview 4.30.9 |
||
fujitsu serverview 4.40.1 |
||
fujitsu serverview 4.50.2 |
||
fujitsu serverview 4.50.3 |
||
fujitsu serverview 4.11l81 |
||
fujitsu serverview 4.30.1 |
||
fujitsu serverview 4.30.5 |
||
fujitsu serverview 4.30.6 |
||
fujitsu serverview 4.40.4 |
||
fujitsu serverview 4.40.5 |
||
fujitsu serverview 4.50.6 |
||
fujitsu serverview 4.50.7 |
||
fujitsu serverview 4.50.8 |
||
fujitsu serverview 2.50 |
||
fujitsu serverview 4.30.10 |
||
fujitsu serverview 4.30.11 |
||
fujitsu serverview 4.30.12 |
||
fujitsu serverview 4.30.7 |
||
fujitsu serverview 4.30.8 |
||
fujitsu serverview 4.40.6 |
||
fujitsu serverview 4.50.1 |
Vulmon