Lucene search

[email protected]NVD:CVE-2014-2959

HistoryJun 02, 2014 - 7:55 p.m.

CVE-2014-2959

2014-06-0219:55:03

CWE-78

[email protected]

web.nvd.nist.gov

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:C/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.9%

JSON

logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote attackers to execute arbitrary commands via shell metacharacters in a pathname parameter.

Affected configurations

NVD

Node

dellpowervault_ml6000_firmwareRange≤i8.2.0.1_\(641g.gs003\)

AND

dellpowervault_ml6000Match32u

dellpowervault_ml6000Match41u

Node

quantumscalar_i500_firmwareRange≤i8.2.2.1_\(646g.gs002\)

AND

quantumscalar_i500Match5u

quantumscalar_i500Match14u

quantumscalar_i500Match23u

References

secunia.com/advisories/59019

www.kb.cert.org/vuls/id/124908

www.securityfocus.com/bid/67751

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:C/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.9%

JSON

Related for NVD:CVE-2014-2959

cvelist1 cve1 cert1 prion1