CVE-2012-2288

2012-09-0411:04:48

CWE-134

dell

web.nvd.nist.gov

144

cve-2012-2288

format string vulnerability

emc networker

remote code execution

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.942

Percentile

99.2%

JSON

Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message.

Affected configurations

Nvd

Node

emcnetworkerMatch7.6.3

emcnetworkerMatch7.6.4

emcnetworkerMatch8.0

VendorProductVersionCPE
emcnetworker7.6.3cpe:2.3:a:emc:networker:7.6.3:*:*:*:*:*:*:*
emcnetworker7.6.4cpe:2.3:a:emc:networker:7.6.4:*:*:*:*:*:*:*
emcnetworker8.0cpe:2.3:a:emc:networker:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
emc	networker	7.6.3	cpe:2.3:a:emc:networker:7.6.3:::::::*
emc	networker	7.6.4	cpe:2.3:a:emc:networker:7.6.4:::::::*
emc	networker	8.0	cpe:2.3:a:emc:networker:8.0:::::::*