Lucene search

[email protected]CVE-2007-1836

HistoryApr 03, 2007 - 12:19 a.m.

CVE-2007-1836

2007-04-0300:19:00

[email protected]

web.nvd.nist.gov

cve-2007-1836

data domain os

remote authenticated users

command execution

shell metacharacters

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.4 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.1%

JSON

The command line administration interface in Data Domain OS before 4.0.3.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in certain arguments to various commands, as demonstrated by the interface argument to the (1) ifconfig and (2) ping commands.

Affected configurations

NVD

Node

data_domaindata_domain_osRange≤4.0.3.5

CPENameOperatorVersion
data_domain:data_domain_osdata domain data domain osle4.0.3.5

CPE	Name	Operator	Version
data_domain:data_domain_os	data domain data domain os	le	4.0.3.5

References

osvdb.org/34537

secunia.com/advisories/24666

securityreason.com/securityalert/2516

www.securityfocus.com/archive/1/464085/100/0/threaded

www.securityfocus.com/bid/23182

exchange.xforce.ibmcloud.com/vulnerabilities/33291

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.4 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.1%

JSON

Related for CVE-2007-1836

securityvulns1 nvd1 cvelist1 prion1