Search criteria
8 vulnerabilities found for global_console_manager_16_firmware by ibm
CVE-2014-3085 (GCVE-0-2014-3085)
Vulnerability from nvd – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
VLAI?
Summary
systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:55.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "ibm-gcm-cve20143085-rce(94091)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "ibm-gcm-cve20143085-rce(94091)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "ibm-gcm-cve20143085-rce(94091)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3085",
"datePublished": "2014-08-17T23:00:00.000Z",
"dateReserved": "2014-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:55.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3081 (GCVE-0-2014-3081)
Vulnerability from nvd – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
VLAI?
Summary
prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:55.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143081-file-read(93930)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143081-file-read(93930)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143081-file-read(93930)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3081",
"datePublished": "2014-08-17T23:00:00.000Z",
"dateReserved": "2014-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:55.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3080 (GCVE-0-2014-3080)
Vulnerability from nvd – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:55.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "68777",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68777"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143080-xss(93929)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "68777",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68777"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143080-xss(93929)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3080",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "68777",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68777"
},
{
"name": "34132",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143080-xss(93929)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3080",
"datePublished": "2014-08-17T23:00:00.000Z",
"dateReserved": "2014-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:55.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0526 (GCVE-0-2013-0526)
Vulnerability from nvd – Published: 2013-08-21 16:00 – Updated: 2024-08-06 14:33
VLAI?
Summary
ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:03.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "gcm-cve20130526-command-exec(85367)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "gcm-cve20130526-command-exec(85367)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-0526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "gcm-cve20130526-command-exec(85367)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
},
{
"name": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html",
"refsource": "MISC",
"url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
},
{
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-0526",
"datePublished": "2013-08-21T16:00:00.000Z",
"dateReserved": "2012-12-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T14:33:03.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3085 (GCVE-0-2014-3085)
Vulnerability from cvelistv5 – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
VLAI?
Summary
systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:55.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "ibm-gcm-cve20143085-rce(94091)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "ibm-gcm-cve20143085-rce(94091)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "ibm-gcm-cve20143085-rce(94091)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3085",
"datePublished": "2014-08-17T23:00:00.000Z",
"dateReserved": "2014-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:55.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3081 (GCVE-0-2014-3081)
Vulnerability from cvelistv5 – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
VLAI?
Summary
prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:55.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143081-file-read(93930)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143081-file-read(93930)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "34132",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143081-file-read(93930)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3081",
"datePublished": "2014-08-17T23:00:00.000Z",
"dateReserved": "2014-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:55.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3080 (GCVE-0-2014-3080)
Vulnerability from cvelistv5 – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:55.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "68777",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68777"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143080-xss(93929)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "68777",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68777"
},
{
"name": "34132",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143080-xss(93929)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3080",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
},
{
"name": "68777",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68777"
},
{
"name": "34132",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34132/"
},
{
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
},
{
"name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/113"
},
{
"name": "ibm-gcm-cve20143080-xss(93929)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3080",
"datePublished": "2014-08-17T23:00:00.000Z",
"dateReserved": "2014-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:35:55.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0526 (GCVE-0-2013-0526)
Vulnerability from cvelistv5 – Published: 2013-08-21 16:00 – Updated: 2024-08-06 14:33
VLAI?
Summary
ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:03.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "gcm-cve20130526-command-exec(85367)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "gcm-cve20130526-command-exec(85367)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-0526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "gcm-cve20130526-command-exec(85367)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
},
{
"name": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html",
"refsource": "MISC",
"url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
},
{
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-0526",
"datePublished": "2013-08-21T16:00:00.000Z",
"dateReserved": "2012-12-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T14:33:03.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}