Search criteria
4 vulnerabilities found for vnxe by emc
VAR-201207-0336
Vulnerability from variot - Updated: 2025-04-11 22:59EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request. There are security vulnerabilities in multiple EMC products. Failure to properly access control settings allows an attacker to exploit the vulnerability to bypass security restrictions and gain unauthorized access to the output file system. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability
EMC Identifier: ESA-2012-027
CVE Identifier: CVE-2012-2282
Severity Rating: CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Affected products:
EMC Celerra Network Server versions 6.0.36.4 through 6.0.60.2
EMC VNX versions 7.0.12.0 through 7.0.53.1
EMC VNXe 2.0 (including SP1, SP2, and SP3)
EMC VNXe MR1 (including SP1, SP2, SP3, and SP3.1)
EMC VNXe MR2 (including SP0.1)
Vulnerability Summary:
A vulnerability exists in EMC Celerra/VNX/VNXe systems that can be potentially exploited to gain unauthorized access to distributed files and directories.
For EMC Celerra, navigate in Powerlink to Home > Support > Software Downloads and Licensing > Downloads C > Celerra Software For EMC VNX, navigate in Powerlink to Home >Support>Support by Product and search for VNX For EMC VNXe, Log onto the affected VNXe, navigate in Support Zone as follows: Settings > More Configuration > Update Software > Obtain Candidate Version Online
Because the view is restricted based on customer agreements, you may not have permission to view certain downloads. Should you not see a software download you believe you should have access to, follow the instructions in EMC Knowledgebase solution emc116045.
For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.
EMC Product Security Response Center
Security_Alert@emc.com
http://www.emc.com/contact-us/contact/product-security-response-center.htm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (Cygwin)
iEYEARECAAYFAk/9nQcACgkQtjd2rKp+ALwy+QCfRYR3eaF29k28f7gYjgC0vcVk NLIAn0GWWLPQ0VPfcFUjC6RlyahlwImL =wjkz -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
We are millions! Join us to protect all Pc's Worldwide. Download the new Secunia PSI 3.0 available in 5 languages and share it with your friends: http://secunia.com/psi
TITLE: EMC Products Security Bypass Security Issue
SECUNIA ADVISORY ID: SA49911
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49911/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49911
RELEASE DATE: 2012-07-12
DISCUSS ADVISORY: http://secunia.com/advisories/49911/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49911/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49911
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A security issue has been reported in multiple EMC products, which can be exploited by malicious users to potentially bypass certain security restrictions.
SOLUTION: Update to a fixed version. Updated software can be downloaded from Powerlink.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: EMC (ESA-2012-027): http://archives.neohapsis.com/archives/bugtraq/2012-07/att-0063/ESA-2012-027.txt
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201207-0336",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vnxe",
"scope": "eq",
"trust": 1.6,
"vendor": "emc",
"version": "mr2"
},
{
"model": "vnxe",
"scope": "eq",
"trust": 1.6,
"vendor": "emc",
"version": "mr1"
},
{
"model": "vnx",
"scope": "eq",
"trust": 1.6,
"vendor": "emc",
"version": "7.0.53.1"
},
{
"model": "vnxe",
"scope": "eq",
"trust": 1.6,
"vendor": "emc",
"version": "2.0"
},
{
"model": "celerra network server",
"scope": "eq",
"trust": 1.0,
"vendor": "emc",
"version": "6.0.36.4"
},
{
"model": "celerra network server",
"scope": "eq",
"trust": 1.0,
"vendor": "emc",
"version": "6.0.60.2"
},
{
"model": "vnx",
"scope": "eq",
"trust": 1.0,
"vendor": "emc",
"version": "7.0.12.0"
},
{
"model": "vnx",
"scope": "lt",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "7.x"
},
{
"model": "vnxe",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "2.1.3.19077"
},
{
"model": "celerra network server",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "6.0.61.0"
},
{
"model": "vnxe",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "2.0"
},
{
"model": "vnxe",
"scope": "lt",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "2.1"
},
{
"model": "vnx",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "7.0.53.2"
},
{
"model": "celerra network server",
"scope": "lt",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "6.x"
},
{
"model": "vnxe",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "2.2.0.19078"
},
{
"model": "vnxe",
"scope": "lt",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "2.2"
},
{
"model": "celerra network server",
"scope": "eq",
"trust": 0.6,
"vendor": "emc",
"version": "6.x"
},
{
"model": "vnx operating environment for file",
"scope": "eq",
"trust": 0.6,
"vendor": "emc",
"version": "7.x"
},
{
"model": "vnxe",
"scope": "eq",
"trust": 0.6,
"vendor": "emc",
"version": "2.x"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3692"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003108"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-162"
},
{
"db": "NVD",
"id": "CVE-2012-2282"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:emc:celerra_network_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:emc:vnx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:emc:vnxe",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003108"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "54414"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2282",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2012-2282",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-2282",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-2282",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201207-162",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003108"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-162"
},
{
"db": "NVD",
"id": "CVE-2012-2282"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request. There are security vulnerabilities in multiple EMC products. Failure to properly access control settings allows an attacker to exploit the vulnerability to bypass security restrictions and gain unauthorized access to the output file system. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability \n\nEMC Identifier: ESA-2012-027\n\nCVE Identifier: CVE-2012-2282 \n\nSeverity Rating: CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)\n\nAffected products:\n\nEMC Celerra Network Server versions 6.0.36.4 through 6.0.60.2\n\nEMC VNX versions 7.0.12.0 through 7.0.53.1\n\nEMC VNXe 2.0 (including SP1, SP2, and SP3)\n\nEMC VNXe MR1 (including SP1, SP2, SP3, and SP3.1) \n\nEMC VNXe MR2 (including SP0.1)\n\nVulnerability Summary:\n\nA vulnerability exists in EMC Celerra/VNX/VNXe systems that can be potentially exploited to gain unauthorized access to distributed files and directories. \n\nFor EMC Celerra, navigate in Powerlink to Home \u003e Support \u003e Software Downloads and Licensing \u003e Downloads C \u003e Celerra Software \nFor EMC VNX, navigate in Powerlink to Home \u003eSupport\u003eSupport by Product and search for VNX \nFor EMC VNXe, Log onto the affected VNXe, navigate in Support Zone as follows: Settings \u003e More Configuration \u003e Update Software \u003e Obtain Candidate Version Online\n\nBecause the view is restricted based on customer agreements, you may not have permission to view certain downloads. Should you not see a software download you believe you should have access to, follow the instructions in EMC Knowledgebase solution emc116045. \n\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided \"as is\" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. \n\nEMC Product Security Response Center\n\nSecurity_Alert@emc.com\n\nhttp://www.emc.com/contact-us/contact/product-security-response-center.htm \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (Cygwin)\n\niEYEARECAAYFAk/9nQcACgkQtjd2rKp+ALwy+QCfRYR3eaF29k28f7gYjgC0vcVk\nNLIAn0GWWLPQ0VPfcFUjC6RlyahlwImL\n=wjkz\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nWe are millions! Join us to protect all Pc\u0027s Worldwide. \nDownload the new Secunia PSI 3.0 available in 5 languages and share it with your friends:\nhttp://secunia.com/psi\n\n----------------------------------------------------------------------\n\nTITLE:\nEMC Products Security Bypass Security Issue\n\nSECUNIA ADVISORY ID:\nSA49911\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49911/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49911\n\nRELEASE DATE:\n2012-07-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49911/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49911/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49911\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in multiple EMC products, which\ncan be exploited by malicious users to potentially bypass certain\nsecurity restrictions. \n\nSOLUTION:\nUpdate to a fixed version. Updated software can be downloaded from\nPowerlink. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nEMC (ESA-2012-027):\nhttp://archives.neohapsis.com/archives/bugtraq/2012-07/att-0063/ESA-2012-027.txt\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2282"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003108"
},
{
"db": "CNVD",
"id": "CNVD-2012-3692"
},
{
"db": "BID",
"id": "54414"
},
{
"db": "PACKETSTORM",
"id": "114647"
},
{
"db": "PACKETSTORM",
"id": "114653"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2282",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1027242",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003108",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "49911",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2012-3692",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "19996",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20120711 ESA-2012-027: EMC CELERRA/VNX/VNXE IMPROPER ACCESS CONTROL VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201207-162",
"trust": 0.6
},
{
"db": "BID",
"id": "54414",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "114647",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "114653",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3692"
},
{
"db": "BID",
"id": "54414"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003108"
},
{
"db": "PACKETSTORM",
"id": "114647"
},
{
"db": "PACKETSTORM",
"id": "114653"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-162"
},
{
"db": "NVD",
"id": "CVE-2012-2282"
}
]
},
"id": "VAR-201207-0336",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3692"
}
],
"trust": 1.1084586433333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3692"
}
]
},
"last_update_date": "2025-04-11T22:59:17.182000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NVX \u30d5\u30a1\u30df\u30ea",
"trust": 0.8,
"url": "http://japan.emc.com/storage/vnx/vnx-family.htm"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.emc.com/index.htm"
},
{
"title": "EMC multiple product security bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/18836"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3692"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003108"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003108"
},
{
"db": "NVD",
"id": "CVE-2012-2282"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id?1027242"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2282"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2282"
},
{
"trust": 0.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/att-0063/esa-2012-027.txt"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/49911"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19996"
},
{
"trust": 0.3,
"url": "http://www.emc.com/?fromglobalsiteselect"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2282"
},
{
"trust": 0.1,
"url": "http://www.emc.com/contact-us/contact/product-security-response-center.htm"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49911/"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49911"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49911/#comments"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3692"
},
{
"db": "BID",
"id": "54414"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003108"
},
{
"db": "PACKETSTORM",
"id": "114647"
},
{
"db": "PACKETSTORM",
"id": "114653"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-162"
},
{
"db": "NVD",
"id": "CVE-2012-2282"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-3692"
},
{
"db": "BID",
"id": "54414"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003108"
},
{
"db": "PACKETSTORM",
"id": "114647"
},
{
"db": "PACKETSTORM",
"id": "114653"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-162"
},
{
"db": "NVD",
"id": "CVE-2012-2282"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3692"
},
{
"date": "2012-07-12T00:00:00",
"db": "BID",
"id": "54414"
},
{
"date": "2012-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003108"
},
{
"date": "2012-07-12T02:05:18",
"db": "PACKETSTORM",
"id": "114647"
},
{
"date": "2012-07-12T06:05:32",
"db": "PACKETSTORM",
"id": "114653"
},
{
"date": "2012-07-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-162"
},
{
"date": "2012-07-16T20:55:00.830000",
"db": "NVD",
"id": "CVE-2012-2282"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3692"
},
{
"date": "2013-04-02T13:07:00",
"db": "BID",
"id": "54414"
},
{
"date": "2012-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003108"
},
{
"date": "2012-07-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-162"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2012-2282"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201207-162"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "EMC Celerra Network Server , EMC VNX ,and EMC VNXe Vulnerable to reading files",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003108"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201207-162"
}
],
"trust": 0.6
}
}
VAR-201804-0950
Vulnerability from variot - Updated: 2024-11-23 22:26In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to 8.4.0.6, Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4.0.347, Dell EMC VNX2 Operating Environment (OE) for File versions prior to 8.1.9.231, Dell EMC VNX2 Operating Environment (OE) for Block versions prior to 05.33.009.5.231, Dell EMC VNX1 Operating Environment (OE) for File versions prior to 7.1.82.0, Dell EMC VNX1 Operating Environment (OE) for Block versions prior to 05.32.000.5.225, Dell EMC VNXe3200 Operating Environment (OE) all versions, Dell EMC VNXe1600 Operating Environment (OE) versions prior to 3.1.9.9570228, Dell EMC VNXe 3100/3150/3300 Operating Environment (OE) all versions, Dell EMC ViPR SRM versions 3.7, 3.7.1, 3.7.2 (only if using Dell EMC Host Interface for Windows), Dell EMC ViPR SRM versions 4.0, 4.0.1, 4.0.2, 4.0.3 (only if using Dell EMC Host Interface for Windows), Dell EMC XtremIO versions 4.x, Dell EMC VMAX eNAS version 8.x, Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968, ECOM is affected by a XXE injection vulnerability due to the configuration of the XML parser shipped with the product. XXE Injection attack may occur when XML input containing a reference to an external entity (defined by the attacker) is processed by an affected XML parser. XXE Injection may allow attackers to gain unauthorized access to files containing sensitive information or may be used to cause denial-of-service. plural Dell EMC The product includes XML An external entity vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. are all products of Dell in the United States. Dell EMC Unisphere for VMAX Virtual Appliance (vApp) is a management tool for VMAX storage arrays. EMC Solutions Enabler Virtual Appliance is a solution application virtual appliance
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0950",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "4.0.2"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "3.7.1"
},
{
"model": "emc vmax enas",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "8.0"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "4.0"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "4.0.1"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "3.7"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": null
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "3.7.2"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "4.0.3"
},
{
"model": "emc xtremio",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "4.0.2"
},
{
"model": "emc xtremio",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "4.0"
},
{
"model": "emc vnxe1600 operating environment",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "3.1.9.9570228"
},
{
"model": "emc vnx2 operating environment",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "8.1.9.231"
},
{
"model": "emc unisphere",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "8.4.0.8"
},
{
"model": "emc vnxe 3300 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": null
},
{
"model": "emc vnx2 operating environment",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "05.33.009.5.231"
},
{
"model": "emc vmax embedded management",
"scope": "lte",
"trust": 1.0,
"vendor": "dell",
"version": "1.4.0.347"
},
{
"model": "emc vnxe3200 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": null
},
{
"model": "emc vasa provider virtual appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "8.4.0.512"
},
{
"model": "emc smis",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "8.4.0.6"
},
{
"model": "emc vnx1 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "05.32.000.5.225"
},
{
"model": "emc vmax enas",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "8.0.1"
},
{
"model": "emc unity operating environment",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "4.3.0.1522077968"
},
{
"model": "emc vnxe 3150 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe 3100 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": null
},
{
"model": "emc vnx1 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "7.1.82.0"
},
{
"model": "emc solutions enabler virtual appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "8.4.0.8"
},
{
"model": "emc smis",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc solutions enabler virtual appliance",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc unisphere",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc unity operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vasa provider virtual appliance",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vipr srm",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vmax embedded management",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vmax enas",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnx1 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnx2 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe1600 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe3100 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe3150 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe3200 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe3300 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc xtremio",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vmax embedded management",
"scope": "eq",
"trust": 0.6,
"vendor": "dell",
"version": "1.4.0.347"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.1"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "1.6"
},
{
"model": "emc unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.2"
},
{
"model": "emc solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.1.0.3"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.7"
},
{
"model": "vnx2",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "05.33.009.5.231"
},
{
"model": "vnx2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.1.9.155"
},
{
"model": "emc unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.3"
},
{
"model": "vasa provider virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.3.0"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "1.0"
},
{
"model": "xtremio",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "4.0.4-41"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "4.0.1"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.4"
},
{
"model": "vnx1",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1.82.0"
},
{
"model": "vnxe",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "0"
},
{
"model": "emc solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.4.0.15"
},
{
"model": "vmax enas",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8"
},
{
"model": "vnx2 oe for file",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.1.9.211"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.7.1"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "4.0"
},
{
"model": "solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0"
},
{
"model": "smis",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "8.4.0.6"
},
{
"model": "vnxe3200",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.1.5.8711957"
},
{
"model": "emc vmax embedded management",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "1.4.0.347"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "4.0.3"
},
{
"model": "solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.20"
},
{
"model": "unity operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "0"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0.1"
},
{
"model": "solutions enabler",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "8.4.0.8"
},
{
"model": "emc unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.4.0.15"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.3"
},
{
"model": "vnx2",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "8.1.9.231"
},
{
"model": "emc solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.3"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "1.1"
},
{
"model": "vnx2 oe for file",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.1.9.217"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.0"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0.2.6"
},
{
"model": "emc vmax embedded management",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "1.4"
},
{
"model": "vasa provider virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.4.0"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.2"
},
{
"model": "vnx2 oe for file",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.1.9.155"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0"
},
{
"model": "vnxe1600",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "3.1.9.9570228"
},
{
"model": "vnxe3200",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.1.0"
},
{
"model": "vnx1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1.80.3"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "1.6.1.6"
},
{
"model": "vnx2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0"
},
{
"model": "unity operating environment",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "4.3.0.1522077968"
},
{
"model": "unisphere for vmax",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "8.4.0.8"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0.3.4"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "1.5"
},
{
"model": "vnxe1600",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "0"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.7.2"
},
{
"model": "emc solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.2"
},
{
"model": "vnx1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "vasa provider virtual appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "8.4.0.512"
},
{
"model": "solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.5.883"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0.2"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "4.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "104024"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:dell:emc_smis",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_solutions_enabler_virtual_appliance",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_unisphere",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_unity_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vasa_provider_virtual_appliance",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vipr_srm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vmax_embedded_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vmax_enas",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnx1_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnx2_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnxe1600_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnxe_3100_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnxe_3150_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnxe3200_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnxe_3300__operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_xtremio",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jakub Palaczynski",
"sources": [
{
"db": "BID",
"id": "104024"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1183",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-1183",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-121728",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1183",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1183",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-1183",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-031",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121728",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121728"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to 8.4.0.6, Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4.0.347, Dell EMC VNX2 Operating Environment (OE) for File versions prior to 8.1.9.231, Dell EMC VNX2 Operating Environment (OE) for Block versions prior to 05.33.009.5.231, Dell EMC VNX1 Operating Environment (OE) for File versions prior to 7.1.82.0, Dell EMC VNX1 Operating Environment (OE) for Block versions prior to 05.32.000.5.225, Dell EMC VNXe3200 Operating Environment (OE) all versions, Dell EMC VNXe1600 Operating Environment (OE) versions prior to 3.1.9.9570228, Dell EMC VNXe 3100/3150/3300 Operating Environment (OE) all versions, Dell EMC ViPR SRM versions 3.7, 3.7.1, 3.7.2 (only if using Dell EMC Host Interface for Windows), Dell EMC ViPR SRM versions 4.0, 4.0.1, 4.0.2, 4.0.3 (only if using Dell EMC Host Interface for Windows), Dell EMC XtremIO versions 4.x, Dell EMC VMAX eNAS version 8.x, Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968, ECOM is affected by a XXE injection vulnerability due to the configuration of the XML parser shipped with the product. XXE Injection attack may occur when XML input containing a reference to an external entity (defined by the attacker) is processed by an affected XML parser. XXE Injection may allow attackers to gain unauthorized access to files containing sensitive information or may be used to cause denial-of-service. plural Dell EMC The product includes XML An external entity vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. are all products of Dell in the United States. Dell EMC Unisphere for VMAX Virtual Appliance (vApp) is a management tool for VMAX storage arrays. EMC Solutions Enabler Virtual Appliance is a solution application virtual appliance",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1183"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "BID",
"id": "104024"
},
{
"db": "VULHUB",
"id": "VHN-121728"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1183",
"trust": 2.8
},
{
"db": "BID",
"id": "104024",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-121728",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121728"
},
{
"db": "BID",
"id": "104024"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"id": "VAR-201804-0950",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-121728"
}
],
"trust": 0.6614885079999999
},
"last_update_date": "2024-11-23T22:26:25.136000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.dellemc.com/en-us/index.htm"
},
{
"title": "Multiple Dell EMC Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79775"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121728"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://seclists.org/fulldisclosure/2018/apr/61"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/104024"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1183"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1183"
},
{
"trust": 0.3,
"url": "http://dell.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121728"
},
{
"db": "BID",
"id": "104024"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-121728"
},
{
"db": "BID",
"id": "104024"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-30T00:00:00",
"db": "VULHUB",
"id": "VHN-121728"
},
{
"date": "2018-04-25T00:00:00",
"db": "BID",
"id": "104024"
},
{
"date": "2018-07-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"date": "2018-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"date": "2018-04-30T20:29:00.310000",
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-13T00:00:00",
"db": "VULHUB",
"id": "VHN-121728"
},
{
"date": "2018-04-25T00:00:00",
"db": "BID",
"id": "104024"
},
{
"date": "2018-07-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"date": "2018-05-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"date": "2024-11-21T03:59:21.123000",
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Dell EMC In product XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
}
],
"trust": 0.6
}
}
CVE-2012-2282 (GCVE-0-2012-2282)
Vulnerability from nvd – Published: 2012-07-16 19:00 – Updated: 2024-08-06 19:26
VLAI?
Summary
EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:09.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120711 ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
},
{
"name": "1027242",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027242"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-25T09:00:00",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20120711 ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
},
{
"name": "1027242",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027242"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2012-2282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120711 ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
},
{
"name": "1027242",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027242"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2012-2282",
"datePublished": "2012-07-16T19:00:00",
"dateReserved": "2012-04-19T00:00:00",
"dateUpdated": "2024-08-06T19:26:09.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2282 (GCVE-0-2012-2282)
Vulnerability from cvelistv5 – Published: 2012-07-16 19:00 – Updated: 2024-08-06 19:26
VLAI?
Summary
EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:09.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120711 ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
},
{
"name": "1027242",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027242"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-25T09:00:00",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20120711 ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
},
{
"name": "1027242",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027242"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2012-2282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120711 ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
},
{
"name": "1027242",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027242"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2012-2282",
"datePublished": "2012-07-16T19:00:00",
"dateReserved": "2012-04-19T00:00:00",
"dateUpdated": "2024-08-06T19:26:09.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}