CVE-2012-0261

2013-12-3120:55:04

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.838

Percentile

98.5%

JSON

license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for an install action.

Affected configurations

Nvd

Node

op5monitorRange≤5.5.1

op5monitorMatch5.3.5

op5monitorMatch5.4.0

op5monitorMatch5.4.2

op5monitorMatch5.5.0

op5system-portalRange≤1.6.1

VendorProductVersionCPE
op5monitor*cpe:2.3:a:op5:monitor:*:*:*:*:*:*:*:*
op5monitor5.3.5cpe:2.3:a:op5:monitor:5.3.5:*:*:*:*:*:*:*
op5monitor5.4.0cpe:2.3:a:op5:monitor:5.4.0:*:*:*:*:*:*:*
op5monitor5.4.2cpe:2.3:a:op5:monitor:5.4.2:*:*:*:*:*:*:*
op5monitor5.5.0cpe:2.3:a:op5:monitor:5.5.0:*:*:*:*:*:*:*
op5system-portal*cpe:2.3:a:op5:system-portal:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
op5	monitor	*	cpe:2.3:a:op5:monitor::::::::
op5	monitor	5.3.5	cpe:2.3:a:op5:monitor:5.3.5:::::::*
op5	monitor	5.4.0	cpe:2.3:a:op5:monitor:5.4.0:::::::*
op5	monitor	5.4.2	cpe:2.3:a:op5:monitor:5.4.2:::::::*
op5	monitor	5.5.0	cpe:2.3:a:op5:monitor:5.5.0:::::::*
op5	system-portal	*	cpe:2.3:a:op5:system-portal::::::::