Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6
CVSSv2

CVE-2012-1843

Published: 22/03/2012 Updated: 10/01/2018
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
VMScore: 534
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Subscribe to Scalar I500 Firmware

Vulnerability Summary

Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote malicious users to hijack the authentication of users for requests that execute Linux commands via the fileName parameter, related to a "command-injection vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

quantum scalar_i500_firmware i7.0.1

quantum scalar_i500_firmware i7

quantum scalar_i500_firmware i3

quantum scalar_i500_firmware sp4.2

quantum scalar_i500_firmware i6.1

quantum scalar_i500_firmware i6

quantum scalar_i500_firmware sp4

quantum scalar_i500_firmware i2

quantum scalar_i500_firmware i5.1

quantum scalar_i500_firmware i5

quantum scalar_i500_firmware

quantum scalar_i500_firmware i4

quantum scalar_i500_firmware i3.1

quantum scalar_i500 14u

quantum scalar_i500 23u

quantum scalar_i500 5u

dell powervault_ml6000_firmware 585g.gs003

dell powervault_ml6010 5u

dell powervault_ml6020 14u

dell powervault_ml6030 23u

dell powervault_ml6000 41u

dell powervault_ml6000 32u

References

CWE-352http://www.kb.cert.org/vuls/id/MAPG-8NNKN8http://www.kb.cert.org/vuls/id/MAPG-8NVRPYhttp://www.kb.cert.org/vuls/id/913483https://exchange.xforce.ibmcloud.com/vulnerabilities/74161http://secunia.com/advisories/48453http://secunia.com/advisories/48403http://osvdb.org/80227https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/913483
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook