CVE-2013-0706

2013-02-2200:55:01

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:P/A:C

AI Score

6.9

Confidence

Low

EPSS

0.005

Percentile

77.4%

JSON

NEC Universal RAID Utility 1.40 Rev 680 and earlier, 2.31 Rev 1492 and earlier, and 2.5 Rev 2244 and earlier does not provide access control, which allows remote attackers to perform arbitrary RAID disk operations via unspecified vectors.

Affected configurations

Nvd

Node

necuniversal_raid_utilityRange≤1.40rev_680

necuniversal_raid_utilityRange≤2.5rev_2244

necuniversal_raid_utilityRange≤2.31rev_1492

necuniversal_raid_utilityMatch1.40

necuniversal_raid_utilityMatch2.5

necuniversal_raid_utilityMatch2.31

VendorProductVersionCPE
necuniversal_raid_utility*cpe:2.3:a:nec:universal_raid_utility:*:rev_680:*:*:*:*:*:*
necuniversal_raid_utility*cpe:2.3:a:nec:universal_raid_utility:*:rev_2244:*:*:*:*:*:*
necuniversal_raid_utility*cpe:2.3:a:nec:universal_raid_utility:*:rev_1492:*:*:*:*:*:*
necuniversal_raid_utility1.40cpe:2.3:a:nec:universal_raid_utility:1.40:*:*:*:*:*:*:*
necuniversal_raid_utility2.5cpe:2.3:a:nec:universal_raid_utility:2.5:*:*:*:*:*:*:*
necuniversal_raid_utility2.31cpe:2.3:a:nec:universal_raid_utility:2.31:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nec	universal_raid_utility	*	cpe:2.3:a:nec:universal_raid_utility::rev_680::::::*
nec	universal_raid_utility	*	cpe:2.3:a:nec:universal_raid_utility::rev_2244::::::*
nec	universal_raid_utility	*	cpe:2.3:a:nec:universal_raid_utility::rev_1492::::::*
nec	universal_raid_utility	1.40	cpe:2.3:a:nec:universal_raid_utility:1.40:::::::*
nec	universal_raid_utility	2.5	cpe:2.3:a:nec:universal_raid_utility:2.5:::::::*
nec	universal_raid_utility	2.31	cpe:2.3:a:nec:universal_raid_utility:2.31:::::::*