Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for connectrix_manager by emc

    CVE-2014-2276 (GCVE-0-2014-2276)

    Vulnerability from nvd – Published: 2014-03-21 14:00 – Updated: 2024-08-06 10:06
    VLAI
    Summary
    The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1029939 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/57513 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/66308 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    Date Public
    2014-03-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:06:00.338Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1029939",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1029939"
              },
              {
                "name": "57513",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/57513"
              },
              {
                "name": "66308",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/66308"
              },
              {
                "name": "connectrix-cve20142276-info-disc(91987)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91987"
              },
              {
                "name": "20140318 ESA-2014-018: EMC Connectrix Manager Converged Network Edition Information Disclosure Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-03-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1029939",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1029939"
            },
            {
              "name": "57513",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/57513"
            },
            {
              "name": "66308",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/66308"
            },
            {
              "name": "connectrix-cve20142276-info-disc(91987)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91987"
            },
            {
              "name": "20140318 ESA-2014-018: EMC Connectrix Manager Converged Network Edition Information Disclosure Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-2276",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1029939",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1029939"
                },
                {
                  "name": "57513",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/57513"
                },
                {
                  "name": "66308",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/66308"
                },
                {
                  "name": "connectrix-cve20142276-info-disc(91987)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91987"
                },
                {
                  "name": "20140318 ESA-2014-018: EMC Connectrix Manager Converged Network Edition Information Disclosure Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-2276",
        "datePublished": "2014-03-21T14:00:00.000Z",
        "dateReserved": "2014-03-04T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:06:00.338Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6810 (GCVE-0-2013-6810)

    Vulnerability from nvd – Published: 2013-12-12 17:00 – Updated: 2024-08-06 17:46
    VLAI
    Summary
    The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition (CMCNE), HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/42702/ exploitx_refsource_EXPLOIT-DB
    http://www.securitytracker.com/id/1029485 vdb-entryx_refsource_SECTRACK
    http://www.attrition.org/pipermail/vim/2014-Janua… mailing-listx_refsource_VIM
    http://www.zerodayinitiative.com/advisories/ZDI-13-283/ x_refsource_MISC
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://marc.info/?l=bugtraq&m=138723620521347&w=2 vendor-advisoryx_refsource_HP
    https://www.exploit-db.com/exploits/42701/ exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/56143 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2013-12-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:46:23.568Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "42702",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/42702/"
              },
              {
                "name": "1029485",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1029485"
              },
              {
                "name": "20140129 CVE-2013-6810 / EMC / HP issue is actually Brocade",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2014-January/002755.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-13-283/"
              },
              {
                "name": "20131211 ESA-2013-089: EMC Connectrix Manager Converged Network Edition Remote Code Execution Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0053.html"
              },
              {
                "name": "HPSBHF02953",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=138723620521347\u0026w=2"
              },
              {
                "name": "42701",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/42701/"
              },
              {
                "name": "connectrix-manager-directory-traversal(90728)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90728"
              },
              {
                "name": "56143",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/56143"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-12-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition (CMCNE), HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-15T09:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "42702",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/42702/"
            },
            {
              "name": "1029485",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1029485"
            },
            {
              "name": "20140129 CVE-2013-6810 / EMC / HP issue is actually Brocade",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2014-January/002755.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-13-283/"
            },
            {
              "name": "20131211 ESA-2013-089: EMC Connectrix Manager Converged Network Edition Remote Code Execution Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0053.html"
            },
            {
              "name": "HPSBHF02953",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=138723620521347\u0026w=2"
            },
            {
              "name": "42701",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/42701/"
            },
            {
              "name": "connectrix-manager-directory-traversal(90728)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90728"
            },
            {
              "name": "56143",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/56143"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-6810",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition (CMCNE), HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "42702",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/42702/"
                },
                {
                  "name": "1029485",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1029485"
                },
                {
                  "name": "20140129 CVE-2013-6810 / EMC / HP issue is actually Brocade",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2014-January/002755.html"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-13-283/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-13-283/"
                },
                {
                  "name": "20131211 ESA-2013-089: EMC Connectrix Manager Converged Network Edition Remote Code Execution Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0053.html"
                },
                {
                  "name": "HPSBHF02953",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=138723620521347\u0026w=2"
                },
                {
                  "name": "42701",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/42701/"
                },
                {
                  "name": "connectrix-manager-directory-traversal(90728)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90728"
                },
                {
                  "name": "56143",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/56143"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-6810",
        "datePublished": "2013-12-12T17:00:00.000Z",
        "dateReserved": "2013-11-19T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:46:23.568Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2276 (GCVE-0-2014-2276)

    Vulnerability from cvelistv5 – Published: 2014-03-21 14:00 – Updated: 2024-08-06 10:06
    VLAI
    Summary
    The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1029939 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/57513 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/66308 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    Date Public
    2014-03-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:06:00.338Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1029939",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1029939"
              },
              {
                "name": "57513",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/57513"
              },
              {
                "name": "66308",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/66308"
              },
              {
                "name": "connectrix-cve20142276-info-disc(91987)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91987"
              },
              {
                "name": "20140318 ESA-2014-018: EMC Connectrix Manager Converged Network Edition Information Disclosure Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-03-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1029939",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1029939"
            },
            {
              "name": "57513",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/57513"
            },
            {
              "name": "66308",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/66308"
            },
            {
              "name": "connectrix-cve20142276-info-disc(91987)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91987"
            },
            {
              "name": "20140318 ESA-2014-018: EMC Connectrix Manager Converged Network Edition Information Disclosure Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-2276",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1029939",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1029939"
                },
                {
                  "name": "57513",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/57513"
                },
                {
                  "name": "66308",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/66308"
                },
                {
                  "name": "connectrix-cve20142276-info-disc(91987)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91987"
                },
                {
                  "name": "20140318 ESA-2014-018: EMC Connectrix Manager Converged Network Edition Information Disclosure Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-2276",
        "datePublished": "2014-03-21T14:00:00.000Z",
        "dateReserved": "2014-03-04T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:06:00.338Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6810 (GCVE-0-2013-6810)

    Vulnerability from cvelistv5 – Published: 2013-12-12 17:00 – Updated: 2024-08-06 17:46
    VLAI
    Summary
    The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition (CMCNE), HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/42702/ exploitx_refsource_EXPLOIT-DB
    http://www.securitytracker.com/id/1029485 vdb-entryx_refsource_SECTRACK
    http://www.attrition.org/pipermail/vim/2014-Janua… mailing-listx_refsource_VIM
    http://www.zerodayinitiative.com/advisories/ZDI-13-283/ x_refsource_MISC
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://marc.info/?l=bugtraq&m=138723620521347&w=2 vendor-advisoryx_refsource_HP
    https://www.exploit-db.com/exploits/42701/ exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/56143 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2013-12-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:46:23.568Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "42702",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/42702/"
              },
              {
                "name": "1029485",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1029485"
              },
              {
                "name": "20140129 CVE-2013-6810 / EMC / HP issue is actually Brocade",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2014-January/002755.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-13-283/"
              },
              {
                "name": "20131211 ESA-2013-089: EMC Connectrix Manager Converged Network Edition Remote Code Execution Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0053.html"
              },
              {
                "name": "HPSBHF02953",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=138723620521347\u0026w=2"
              },
              {
                "name": "42701",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/42701/"
              },
              {
                "name": "connectrix-manager-directory-traversal(90728)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90728"
              },
              {
                "name": "56143",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/56143"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-12-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition (CMCNE), HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-15T09:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "42702",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/42702/"
            },
            {
              "name": "1029485",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1029485"
            },
            {
              "name": "20140129 CVE-2013-6810 / EMC / HP issue is actually Brocade",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2014-January/002755.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-13-283/"
            },
            {
              "name": "20131211 ESA-2013-089: EMC Connectrix Manager Converged Network Edition Remote Code Execution Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0053.html"
            },
            {
              "name": "HPSBHF02953",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=138723620521347\u0026w=2"
            },
            {
              "name": "42701",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/42701/"
            },
            {
              "name": "connectrix-manager-directory-traversal(90728)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90728"
            },
            {
              "name": "56143",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/56143"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-6810",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition (CMCNE), HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "42702",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/42702/"
                },
                {
                  "name": "1029485",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1029485"
                },
                {
                  "name": "20140129 CVE-2013-6810 / EMC / HP issue is actually Brocade",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2014-January/002755.html"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-13-283/",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-13-283/"
                },
                {
                  "name": "20131211 ESA-2013-089: EMC Connectrix Manager Converged Network Edition Remote Code Execution Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0053.html"
                },
                {
                  "name": "HPSBHF02953",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=138723620521347\u0026w=2"
                },
                {
                  "name": "42701",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/42701/"
                },
                {
                  "name": "connectrix-manager-directory-traversal(90728)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90728"
                },
                {
                  "name": "56143",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/56143"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-6810",
        "datePublished": "2013-12-12T17:00:00.000Z",
        "dateReserved": "2013-11-19T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:46:23.568Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }