CVE-2012-0262

2013-12-3120:55:15

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.871

Percentile

98.7%

JSON

op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter.

Affected configurations

Nvd

Node

op5monitorRange≤5.5.1

op5monitorMatch5.3.5

op5monitorMatch5.4.0

op5monitorMatch5.4.2

op5monitorMatch5.5.0

op5system-op5configRange≤2.0.2

VendorProductVersionCPE
op5monitor*cpe:2.3:a:op5:monitor:*:*:*:*:*:*:*:*
op5monitor5.3.5cpe:2.3:a:op5:monitor:5.3.5:*:*:*:*:*:*:*
op5monitor5.4.0cpe:2.3:a:op5:monitor:5.4.0:*:*:*:*:*:*:*
op5monitor5.4.2cpe:2.3:a:op5:monitor:5.4.2:*:*:*:*:*:*:*
op5monitor5.5.0cpe:2.3:a:op5:monitor:5.5.0:*:*:*:*:*:*:*
op5system-op5config*cpe:2.3:a:op5:system-op5config:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
op5	monitor	*	cpe:2.3:a:op5:monitor::::::::
op5	monitor	5.3.5	cpe:2.3:a:op5:monitor:5.3.5:::::::*
op5	monitor	5.4.0	cpe:2.3:a:op5:monitor:5.4.0:::::::*
op5	monitor	5.4.2	cpe:2.3:a:op5:monitor:5.4.2:::::::*
op5	monitor	5.5.0	cpe:2.3:a:op5:monitor:5.5.0:::::::*
op5	system-op5config	*	cpe:2.3:a:op5:system-op5config::::::::