Lucene search

DellCVE-2012-2285

HistoryAug 29, 2012 - 10:55 p.m.

CVE-2012-2285

2012-08-2922:55:01

CWE-287

dell

web.nvd.nist.gov

emc

cloud tiering

appliance

cve-2012-2285

security vulnerability

gui admin access

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.011

Percentile

84.2%

JSON

EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition (CTA/VE) 9.0 and earlier, allows remote attackers to obtain GUI administrative access by sending a crafted file during the authentication phase.

Affected configurations

Nvd

Node

emccloud_tiering_appliance_virtual_editionRange≤9.0

emccloud_tiering_applianceRange≤9.0

VendorProductVersionCPE
emccloud_tiering_appliance_virtual_edition*cpe:2.3:a:emc:cloud_tiering_appliance_virtual_edition:*:*:*:*:*:*:*:*
emccloud_tiering_appliance*cpe:2.3:h:emc:cloud_tiering_appliance:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
emc	cloud_tiering_appliance_virtual_edition	*	cpe:2.3:a:emc:cloud_tiering_appliance_virtual_edition::::::::
emc	cloud_tiering_appliance	*	cpe:2.3:h:emc:cloud_tiering_appliance::::::::

References

archives.neohapsis.com/archives/bugtraq/2012-08/0184.html

osvdb.org/85050

secunia.com/advisories/50393

www.securitytracker.com/id?1027448

exchange.xforce.ibmcloud.com/vulnerabilities/78110

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.011

Percentile

84.2%

JSON

Related for CVE-2012-2285