Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for global_console_manager_16_firmware by ibm

    CVE-2014-3085 (GCVE-0-2014-3085)

    Vulnerability from nvd – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    Date Public
    2014-07-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:55.372Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
              },
              {
                "name": "34132",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/34132/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
              },
              {
                "name": "ibm-gcm-cve20143085-rce(94091)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-07-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
            },
            {
              "name": "34132",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/34132/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
            },
            {
              "name": "ibm-gcm-cve20143085-rce(94091)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-3085",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
                },
                {
                  "name": "34132",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/34132/"
                },
                {
                  "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
                },
                {
                  "name": "ibm-gcm-cve20143085-rce(94091)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-3085",
        "datePublished": "2014-08-17T23:00:00.000Z",
        "dateReserved": "2014-04-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:55.372Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3081 (GCVE-0-2014-3081)

    Vulnerability from nvd – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    Date Public
    2014-07-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:55.649Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
              },
              {
                "name": "34132",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/34132/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
              },
              {
                "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
              },
              {
                "name": "ibm-gcm-cve20143081-file-read(93930)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-07-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
            },
            {
              "name": "34132",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/34132/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
            },
            {
              "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
            },
            {
              "name": "ibm-gcm-cve20143081-file-read(93930)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-3081",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
                },
                {
                  "name": "34132",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/34132/"
                },
                {
                  "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
                },
                {
                  "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
                },
                {
                  "name": "ibm-gcm-cve20143081-file-read(93930)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-3081",
        "datePublished": "2014-08-17T23:00:00.000Z",
        "dateReserved": "2014-04-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:55.649Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3080 (GCVE-0-2014-3080)

    Vulnerability from nvd – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    Date Public
    2014-07-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:55.974Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
              },
              {
                "name": "68777",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/68777"
              },
              {
                "name": "34132",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/34132/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
              },
              {
                "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
              },
              {
                "name": "ibm-gcm-cve20143080-xss(93929)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-07-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
            },
            {
              "name": "68777",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/68777"
            },
            {
              "name": "34132",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/34132/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
            },
            {
              "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
            },
            {
              "name": "ibm-gcm-cve20143080-xss(93929)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-3080",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
                },
                {
                  "name": "68777",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/68777"
                },
                {
                  "name": "34132",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/34132/"
                },
                {
                  "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
                },
                {
                  "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
                },
                {
                  "name": "ibm-gcm-cve20143080-xss(93929)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-3080",
        "datePublished": "2014-08-17T23:00:00.000Z",
        "dateReserved": "2014-04-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:55.974Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-0526 (GCVE-0-2013-0526)

    Vulnerability from nvd – Published: 2013-08-21 16:00 – Updated: 2024-08-06 14:33
    VLAI
    Summary
    ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    Date Public
    2013-08-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:33:03.540Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "gcm-cve20130526-command-exec(85367)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-08-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "gcm-cve20130526-command-exec(85367)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2013-0526",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "gcm-cve20130526-command-exec(85367)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
                },
                {
                  "name": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html",
                  "refsource": "MISC",
                  "url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
                },
                {
                  "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2013-0526",
        "datePublished": "2013-08-21T16:00:00.000Z",
        "dateReserved": "2012-12-16T00:00:00.000Z",
        "dateUpdated": "2024-08-06T14:33:03.540Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3080 (GCVE-0-2014-3080)

    Vulnerability from cvelistv5 – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    Date Public
    2014-07-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:55.974Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
              },
              {
                "name": "68777",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/68777"
              },
              {
                "name": "34132",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/34132/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
              },
              {
                "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
              },
              {
                "name": "ibm-gcm-cve20143080-xss(93929)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-07-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
            },
            {
              "name": "68777",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/68777"
            },
            {
              "name": "34132",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/34132/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
            },
            {
              "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
            },
            {
              "name": "ibm-gcm-cve20143080-xss(93929)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-3080",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
                },
                {
                  "name": "68777",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/68777"
                },
                {
                  "name": "34132",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/34132/"
                },
                {
                  "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
                },
                {
                  "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
                },
                {
                  "name": "ibm-gcm-cve20143080-xss(93929)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93929"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-3080",
        "datePublished": "2014-08-17T23:00:00.000Z",
        "dateReserved": "2014-04-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:55.974Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3085 (GCVE-0-2014-3085)

    Vulnerability from cvelistv5 – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    Date Public
    2014-07-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:55.372Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
              },
              {
                "name": "34132",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/34132/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
              },
              {
                "name": "ibm-gcm-cve20143085-rce(94091)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-07-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
            },
            {
              "name": "34132",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/34132/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
            },
            {
              "name": "ibm-gcm-cve20143085-rce(94091)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-3085",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
                },
                {
                  "name": "34132",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/34132/"
                },
                {
                  "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
                },
                {
                  "name": "ibm-gcm-cve20143085-rce(94091)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94091"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-3085",
        "datePublished": "2014-08-17T23:00:00.000Z",
        "dateReserved": "2014-04-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:55.372Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3081 (GCVE-0-2014-3081)

    Vulnerability from cvelistv5 – Published: 2014-08-17 23:00 – Updated: 2024-08-06 10:35
    VLAI
    Summary
    prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    Date Public
    2014-07-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:35:55.649Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
              },
              {
                "name": "34132",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/34132/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
              },
              {
                "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
              },
              {
                "name": "ibm-gcm-cve20143081-file-read(93930)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-07-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
            },
            {
              "name": "34132",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/34132/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
            },
            {
              "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
            },
            {
              "name": "ibm-gcm-cve20143081-file-read(93930)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-3081",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html"
                },
                {
                  "name": "34132",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/34132/"
                },
                {
                  "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983"
                },
                {
                  "name": "20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2014/Jul/113"
                },
                {
                  "name": "ibm-gcm-cve20143081-file-read(93930)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-3081",
        "datePublished": "2014-08-17T23:00:00.000Z",
        "dateReserved": "2014-04-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:35:55.649Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-0526 (GCVE-0-2013-0526)

    Vulnerability from cvelistv5 – Published: 2013-08-21 16:00 – Updated: 2024-08-06 14:33
    VLAI
    Summary
    ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    Date Public
    2013-08-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:33:03.540Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "gcm-cve20130526-command-exec(85367)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-08-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "gcm-cve20130526-command-exec(85367)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2013-0526",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "gcm-cve20130526-command-exec(85367)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85367"
                },
                {
                  "name": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html",
                  "refsource": "MISC",
                  "url": "http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html"
                },
                {
                  "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093509"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2013-0526",
        "datePublished": "2013-08-21T16:00:00.000Z",
        "dateReserved": "2012-12-16T00:00:00.000Z",
        "dateUpdated": "2024-08-06T14:33:03.540Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }