Lucene search

[email protected]CVE-2010-2860

HistoryAug 05, 2010 - 1:22 p.m.

CVE-2010-2860

2010-08-0513:22:00

CWE-264

[email protected]

web.nvd.nist.gov

emc celerra

nas

network attached storage

external network

remote attackers

arbitrary files

nfs

security vulnerability

6.9 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.13 Low

EPSS

Percentile

95.5%

JSON

The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests.

CPENameOperatorVersion
emc:celerra_network_attached_storageemc celerra network attached storageeq*

CPE	Name	Operator	Version
emc:celerra_network_attached_storage	emc celerra network attached storage	eq	*

References

archives.neohapsis.com/archives/fulldisclosure/2010-08/0018.html

securitytracker.com/id?1024271

www.exploit-db.com/exploits/14536

www.securityfocus.com/archive/1/512823/100/0/threaded

www.securityfocus.com/archive/1/513564/100/0/threaded

www.securityfocus.com/bid/42134

www.vupen.com/english/advisories/2010/2337

exchange.xforce.ibmcloud.com/vulnerabilities/60885

www.trustwave.com/spiderlabs/advisories/TWSL2010-003.txt

6.9 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.13 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2010-2860

securityvulns3 prion1 exploitpack1 cvelist1 exploitdb1