CVE-2012-1843
N/A
N/A
Summary
Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to hijack the authentication of users for requests that execute Linux commands via the fileName parameter, related to a "command-injection vulnerability."
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/advisories/48453
- http://www.kb.cert.org/vuls/id/913483
- http://osvdb.org/80227
- http://www.kb.cert.org/vuls/id/MAPG-8NNKN8
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74161
- http://www.kb.cert.org/vuls/id/MAPG-8NVRPY
- http://secunia.com/advisories/48403
References
- http://secunia.com/advisories/48453
- http://www.kb.cert.org/vuls/id/913483
- http://osvdb.org/80227
- http://www.kb.cert.org/vuls/id/MAPG-8NNKN8
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74161
- http://www.kb.cert.org/vuls/id/MAPG-8NVRPY
- http://secunia.com/advisories/48403
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.