CVE-2012-1841

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2012-1841

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

A

bsolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter.

References
Link Resource
http://osvdb.org/80226
http://secunia.com/advisories/48403
http://secunia.com/advisories/48453
http://www.kb.cert.org/vuls/id/913483 US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NVRPY US Government Resource
http://osvdb.org/80226
http://secunia.com/advisories/48403
http://secunia.com/advisories/48453
http://www.kb.cert.org/vuls/id/913483 US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NVRPY US Government Resource
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:quantum:scalar_i500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i2:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i3:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i3.1:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i4:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i5:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i5.1:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i6:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i6.1:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i7:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:sp4:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:sp4.2:*:*:*:*:*:*:*
OR cpe:2.3:h:quantum:scalar_i500:5u:*:*:*:*:*:*:*
cpe:2.3:h:quantum:scalar_i500:14u:*:*:*:*:*:*:*
cpe:2.3:h:quantum:scalar_i500:23u:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:dell:powervault_ml6000_firmware:585g.gs003:*:*:*:*:*:*:*
OR cpe:2.3:h:dell:powervault_ml6000:32u:*:*:*:*:*:*:*
cpe:2.3:h:dell:powervault_ml6000:41u:*:*:*:*:*:*:*
cpe:2.3:h:dell:powervault_ml6010:5u:*:*:*:*:*:*:*
cpe:2.3:h:dell:powervault_ml6020:14u:*:*:*:*:*:*:*
cpe:2.3:h:dell:powervault_ml6030:23u:*:*:*:*:*:*:*
History

21 Nov 2024, 01:37

Type Values Removed Values Added
References () http://osvdb.org/80226 - () http://osvdb.org/80226 -
References () http://secunia.com/advisories/48403 - () http://secunia.com/advisories/48403 -
References () http://secunia.com/advisories/48453 - () http://secunia.com/advisories/48453 -
References () http://www.kb.cert.org/vuls/id/913483 - US Government Resource () http://www.kb.cert.org/vuls/id/913483 - US Government Resource
References () http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 - US Government Resource () http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 - US Government Resource
References () http://www.kb.cert.org/vuls/id/MAPG-8NVRPY - US Government Resource () http://www.kb.cert.org/vuls/id/MAPG-8NVRPY - US Government Resource
Information

Published : 2012-03-22 10:17

Updated : 2025-04-11 00:51

NVD link : CVE-2012-1841

Mitre link : CVE-2012-1841

CVE.ORG link : CVE-2012-1841

JSON object : View

Products Affected

dell

quantum

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')