Lucene search

K
cve[email protected]CVE-2012-2163
HistoryJul 30, 2012 - 7:55 p.m.

CVE-2012-2163

2012-07-3019:55:04
CWE-264
web.nvd.nist.gov
21
ibm
sonas
code injection
remote execution
authentication
network attached storage
nvd

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.002

Percentile

52.0%

IBM Scale Out Network Attached Storage (SONAS) 1.1 through 1.3.1 allows remote authenticated administrators to execute arbitrary Linux commands via the (1) Command Line Interface or (2) Graphical User Interface, related to a β€œcode injection” issue.

Affected configurations

NVD
Node
ibmscale_out_network_attached_storageMatch1.1
OR
ibmscale_out_network_attached_storageMatch1.3.1
VendorProductVersionCPE
ibmscale_out_network_attached_storage1.1cpe:/h:ibm:scale_out_network_attached_storage:1.1:::
ibmscale_out_network_attached_storage1.3.1cpe:/h:ibm:scale_out_network_attached_storage:1.3.1:::

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.002

Percentile

52.0%

Related for CVE-2012-2163