Vulnerability-Lookup

CVE-2012-2282 (GCVE-0-2012-2282)

Vulnerability from cvelistv5 – Published: 2012-07-16 19:00 – Updated: 2024-08-06 19:26

Summary

Severity ?

No CVSS data available.

CWE

Assigner

dell

References

URL

FKIE_CVE-2012-2282

Vulnerability from fkie_nvd - Published: 2012-07-16 20:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

	URL	Tags
	security_alert@emc.com	http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html
	security_alert@emc.com	http://www.securitytracker.com/id?1027242
	af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1027242

Impacted products

Vendor	Product	Version
emc	celerra_network_server	6.0.36.4
emc	celerra_network_server	6.0.60.2
emc	vnx	7.0.12.0
emc	vnx	7.0.53.1
emc	vnxe	2.0
emc	vnxe	2.0
emc	vnxe	2.0
emc	vnxe	2.0
emc	vnxe	mr1
emc	vnxe	mr1
emc	vnxe	mr1
emc	vnxe	mr1
emc	vnxe	mr2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:emc:celerra_network_server:6.0.36.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F52AA92-54E9-4693-948E-5340E367A340",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:celerra_network_server:6.0.60.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F7109E4-155C-4652-A999-1262A7D1AFA7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:emc:vnx:7.0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "30EA406F-1E39-4FEE-8C92-DF002781F081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:vnx:7.0.53.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0D4E914-FF12-490D-9936-FAB3ADD765F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:emc:vnxe:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FA03425-391F-494C-96D9-67989C6BCBD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:vnxe:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "BE6E6464-A5A6-41FE-B07F-293381B8DA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:vnxe:2.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "CB103003-B0EC-4054-9228-DA8515409201",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:vnxe:2.0:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "2DE6F296-634B-44A6-8DCB-C48D9AE8CFBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:vnxe:mr1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "6A81FC2C-0264-414E-809A-5F6944020C15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:vnxe:mr1:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "A568E0C0-15BD-4CE0-8359-C91C42DB87BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:vnxe:mr1:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "738A34A4-2260-4927-823F-AB68E90427E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:vnxe:mr1:sp3.1:*:*:*:*:*:*",
              "matchCriteriaId": "C0730F43-5067-4730-A91E-F2CBD6FDFE31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:vnxe:mr2:sp0.1:*:*:*:*:*:*",
              "matchCriteriaId": "84A9A15F-CF34-4623-A033-9C8A662AAF2A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request."
    },
    {
      "lang": "es",
      "value": "EMC Celerra Network Server v6.x anterior a v6.0.61.0, VNX 7.x anterior a v7.0.53.2, y VNXe v2.0 y v2.1 anterior a v2.1.3.19077 (tambi\u00e9n conocido como MR1 SP3.2) y v2.2 anterior a v2.2.0.19078 (tambi\u00e9n conocido como MR2 SP0.2) no aplica correctamente el control de acceso NFS, lo que permite a usuarios remotos autenticados leer o modificar archivos a trav\u00e9s de un NFSv2 (1), (2) NFSv3, o (3) solicitud de NFSv4."
    }
  ],
  "id": "CVE-2012-2282",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-07-16T20:55:00.830",
  "references": [
    {
      "source": "security_alert@emc.com",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
    },
    {
      "source": "security_alert@emc.com",
      "url": "http://www.securitytracker.com/id?1027242"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1027242"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2012-AVI-389

Vulnerability from certfr_avis - Published: 2012-07-13 - Updated: 2012-07-13

Une vulnérabilité permettant d'obtenir un accès non autorisé à des données situés sur un système de fichiers distant à été corrigée dans divers produits EMC. Cette vulnérabilité est due à une mauvaise gestion des droits d'accès au fichiers et dossiers partagés sur le réseau.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	EMC VNXe 2.0 tout servcice pack ;
N/A	N/A	EMC VNXe MR2 tout servcice pack.
N/A	N/A	EMC VNX versions 7.10.12.0 à 7.0.53.1 ;
N/A	N/A	EMC Celerra Network Server versions 6.0.36.4 à 6.0.60.2 ;
N/A	N/A	EMC VNXe MR1 tout servcice pack ;

References

Title

Publication Time

GSD-2012-2282

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-2282

Aliases

CVE-2012-2282

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-2282",
    "description": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request.",
    "id": "GSD-2012-2282"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-2282"
      ],
      "details": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request.",
      "id": "GSD-2012-2282",
      "modified": "2023-12-13T01:20:16.784326Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security_alert@emc.com",
        "ID": "CVE-2012-2282",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20120711 ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
          },
          {
            "name": "1027242",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1027242"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:emc:celerra_network_server:6.0.60.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:celerra_network_server:6.0.36.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:emc:vnx:7.0.12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:vnx:7.0.53.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:emc:vnxe:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:vnxe:mr1:sp3.1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:vnxe:mr2:sp0.1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:vnxe:2.0:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:vnxe:mr1:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:vnxe:2.0:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:vnxe:2.0:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:vnxe:mr1:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emc:vnxe:mr1:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@dell.com",
          "ID": "CVE-2012-2282"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20120711 ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
            },
            {
              "name": "1027242",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1027242"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-03-22T03:10Z",
      "publishedDate": "2012-07-16T20:55Z"
    }
  }
}

VAR-201207-0336

Vulnerability from variot - Updated: 2025-04-11 22:59

EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request. There are security vulnerabilities in multiple EMC products. Failure to properly access control settings allows an attacker to exploit the vulnerability to bypass security restrictions and gain unauthorized access to the output file system. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability

EMC Identifier: ESA-2012-027

CVE Identifier: CVE-2012-2282

Severity Rating: CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)

Affected products:

EMC Celerra Network Server versions 6.0.36.4 through 6.0.60.2

EMC VNX versions 7.0.12.0 through 7.0.53.1

EMC VNXe 2.0 (including SP1, SP2, and SP3)

EMC VNXe MR1 (including SP1, SP2, SP3, and SP3.1)

EMC VNXe MR2 (including SP0.1)

Vulnerability Summary:

A vulnerability exists in EMC Celerra/VNX/VNXe systems that can be potentially exploited to gain unauthorized access to distributed files and directories.

For EMC Celerra, navigate in Powerlink to Home > Support > Software Downloads and Licensing > Downloads C > Celerra Software For EMC VNX, navigate in Powerlink to Home >Support>Support by Product and search for VNX For EMC VNXe, Log onto the affected VNXe, navigate in Support Zone as follows: Settings > More Configuration > Update Software > Obtain Candidate Version Online

Because the view is restricted based on customer agreements, you may not have permission to view certain downloads. Should you not see a software download you believe you should have access to, follow the instructions in EMC Knowledgebase solution emc116045.

For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.

EMC Product Security Response Center

Security_Alert@emc.com

http://www.emc.com/contact-us/contact/product-security-response-center.htm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (Cygwin)

iEYEARECAAYFAk/9nQcACgkQtjd2rKp+ALwy+QCfRYR3eaF29k28f7gYjgC0vcVk NLIAn0GWWLPQ0VPfcFUjC6RlyahlwImL =wjkz -----END PGP SIGNATURE----- . ----------------------------------------------------------------------

We are millions! Join us to protect all Pc's Worldwide. Download the new Secunia PSI 3.0 available in 5 languages and share it with your friends: http://secunia.com/psi

TITLE: EMC Products Security Bypass Security Issue

SECUNIA ADVISORY ID: SA49911

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49911/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49911

RELEASE DATE: 2012-07-12

DISCUSS ADVISORY: http://secunia.com/advisories/49911/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/49911/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=49911

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A security issue has been reported in multiple EMC products, which can be exploited by malicious users to potentially bypass certain security restrictions.

SOLUTION: Update to a fixed version. Updated software can be downloaded from Powerlink.

Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: EMC (ESA-2012-027): http://archives.neohapsis.com/archives/bugtraq/2012-07/att-0063/ESA-2012-027.txt

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201207-0336",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "vnxe",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "emc",
        "version": "mr2"
      },
      {
        "model": "vnxe",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "emc",
        "version": "mr1"
      },
      {
        "model": "vnx",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "emc",
        "version": "7.0.53.1"
      },
      {
        "model": "vnxe",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "emc",
        "version": "2.0"
      },
      {
        "model": "celerra network server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "emc",
        "version": "6.0.36.4"
      },
      {
        "model": "celerra network server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "emc",
        "version": "6.0.60.2"
      },
      {
        "model": "vnx",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "emc",
        "version": "7.0.12.0"
      },
      {
        "model": "vnx",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "dell emc old emc",
        "version": "7.x"
      },
      {
        "model": "vnxe",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "dell emc old emc",
        "version": "2.1.3.19077"
      },
      {
        "model": "celerra network server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "dell emc old emc",
        "version": "6.0.61.0"
      },
      {
        "model": "vnxe",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "dell emc old emc",
        "version": "2.0"
      },
      {
        "model": "vnxe",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "dell emc old emc",
        "version": "2.1"
      },
      {
        "model": "vnx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "dell emc old emc",
        "version": "7.0.53.2"
      },
      {
        "model": "celerra network server",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "dell emc old emc",
        "version": "6.x"
      },
      {
        "model": "vnxe",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "dell emc old emc",
        "version": "2.2.0.19078"
      },
      {
        "model": "vnxe",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "dell emc old emc",
        "version": "2.2"
      },
      {
        "model": "celerra network server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "emc",
        "version": "6.x"
      },
      {
        "model": "vnx operating environment for file",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "emc",
        "version": "7.x"
      },
      {
        "model": "vnxe",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "emc",
        "version": "2.x"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3692"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-162"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2282"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:emc:celerra_network_server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:emc:vnx",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:emc:vnxe",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "54414"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2012-2282",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2012-2282",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-2282",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-2282",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201207-162",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-162"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2282"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request. There are security vulnerabilities in multiple EMC products. Failure to properly access control settings allows an attacker to exploit the vulnerability to bypass security restrictions and gain unauthorized access to the output file system. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability \n\nEMC Identifier: ESA-2012-027\n\nCVE Identifier: CVE-2012-2282 \n\nSeverity Rating: CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)\n\nAffected products:\n\nEMC Celerra Network Server versions 6.0.36.4 through 6.0.60.2\n\nEMC VNX versions 7.0.12.0 through 7.0.53.1\n\nEMC VNXe 2.0 (including SP1, SP2, and SP3)\n\nEMC VNXe MR1 (including SP1, SP2, SP3, and SP3.1) \n\nEMC VNXe MR2 (including SP0.1)\n\nVulnerability Summary:\n\nA vulnerability exists in EMC Celerra/VNX/VNXe systems that can be potentially exploited to gain unauthorized access to distributed files and directories. \n\nFor EMC Celerra, navigate in Powerlink to Home \u003e Support \u003e Software Downloads and Licensing \u003e Downloads C \u003e Celerra Software \nFor EMC VNX, navigate in Powerlink to Home \u003eSupport\u003eSupport by Product and search for VNX \nFor EMC VNXe, Log onto the affected VNXe, navigate in Support Zone as follows: Settings \u003e More Configuration \u003e Update Software \u003e Obtain Candidate Version Online\n\nBecause the view is restricted based on customer agreements, you may not have permission to view certain downloads. Should you not see a software download you believe you should have access to, follow the instructions in EMC Knowledgebase solution emc116045. \n\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided \"as is\" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. \n\nEMC Product Security Response Center\n\nSecurity_Alert@emc.com\n\nhttp://www.emc.com/contact-us/contact/product-security-response-center.htm \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (Cygwin)\n\niEYEARECAAYFAk/9nQcACgkQtjd2rKp+ALwy+QCfRYR3eaF29k28f7gYjgC0vcVk\nNLIAn0GWWLPQ0VPfcFUjC6RlyahlwImL\n=wjkz\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nWe are millions!  Join us to protect all Pc\u0027s Worldwide. \nDownload the new Secunia PSI 3.0 available in 5 languages and share it with your friends:\nhttp://secunia.com/psi\n\n----------------------------------------------------------------------\n\nTITLE:\nEMC Products Security Bypass Security Issue\n\nSECUNIA ADVISORY ID:\nSA49911\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49911/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49911\n\nRELEASE DATE:\n2012-07-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49911/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49911/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49911\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in multiple EMC products, which\ncan be exploited by malicious users to potentially bypass certain\nsecurity restrictions. \n\nSOLUTION:\nUpdate to a fixed version. Updated software can be downloaded from\nPowerlink. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nEMC (ESA-2012-027):\nhttp://archives.neohapsis.com/archives/bugtraq/2012-07/att-0063/ESA-2012-027.txt\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3692"
      },
      {
        "db": "BID",
        "id": "54414"
      },
      {
        "db": "PACKETSTORM",
        "id": "114647"
      },
      {
        "db": "PACKETSTORM",
        "id": "114653"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-2282",
        "trust": 3.4
      },
      {
        "db": "SECTRACK",
        "id": "1027242",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003108",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "49911",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3692",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "19996",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20120711 ESA-2012-027: EMC CELERRA/VNX/VNXE IMPROPER ACCESS CONTROL VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-162",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "54414",
        "trust": 0.3
      },
      {
        "db": "PACKETSTORM",
        "id": "114647",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "114653",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3692"
      },
      {
        "db": "BID",
        "id": "54414"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      },
      {
        "db": "PACKETSTORM",
        "id": "114647"
      },
      {
        "db": "PACKETSTORM",
        "id": "114653"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-162"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2282"
      }
    ]
  },
  "id": "VAR-201207-0336",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3692"
      }
    ],
    "trust": 1.1084586433333334
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3692"
      }
    ]
  },
  "last_update_date": "2025-04-11T22:59:17.182000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "NVX \u30d5\u30a1\u30df\u30ea",
        "trust": 0.8,
        "url": "http://japan.emc.com/storage/vnx/vnx-family.htm"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.emc.com/index.htm"
      },
      {
        "title": "EMC multiple product security bypass vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/18836"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3692"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2282"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
      },
      {
        "trust": 1.0,
        "url": "http://www.securitytracker.com/id?1027242"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2282"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2282"
      },
      {
        "trust": 0.7,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/att-0063/esa-2012-027.txt"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/49911"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19996"
      },
      {
        "trust": 0.3,
        "url": "http://www.emc.com/?fromglobalsiteselect"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2282"
      },
      {
        "trust": 0.1,
        "url": "http://www.emc.com/contact-us/contact/product-security-response-center.htm"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49911/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/psi"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49911"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49911/#comments"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3692"
      },
      {
        "db": "BID",
        "id": "54414"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      },
      {
        "db": "PACKETSTORM",
        "id": "114647"
      },
      {
        "db": "PACKETSTORM",
        "id": "114653"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-162"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2282"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3692"
      },
      {
        "db": "BID",
        "id": "54414"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      },
      {
        "db": "PACKETSTORM",
        "id": "114647"
      },
      {
        "db": "PACKETSTORM",
        "id": "114653"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-162"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2282"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-07-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3692"
      },
      {
        "date": "2012-07-12T00:00:00",
        "db": "BID",
        "id": "54414"
      },
      {
        "date": "2012-07-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      },
      {
        "date": "2012-07-12T02:05:18",
        "db": "PACKETSTORM",
        "id": "114647"
      },
      {
        "date": "2012-07-12T06:05:32",
        "db": "PACKETSTORM",
        "id": "114653"
      },
      {
        "date": "2012-07-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201207-162"
      },
      {
        "date": "2012-07-16T20:55:00.830000",
        "db": "NVD",
        "id": "CVE-2012-2282"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-07-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3692"
      },
      {
        "date": "2013-04-02T13:07:00",
        "db": "BID",
        "id": "54414"
      },
      {
        "date": "2012-07-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      },
      {
        "date": "2012-07-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201207-162"
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2012-2282"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-162"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "EMC Celerra Network Server , EMC VNX ,and  EMC VNXe Vulnerable to reading files",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003108"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201207-162"
      }
    ],
    "trust": 0.6
  }
}

GHSA-VP34-VRW9-FXW3

Vulnerability from github – Published: 2022-05-17 05:13 – Updated: 2022-05-17 05:13

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-2282"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-07-16T20:55:00Z",
    "severity": "MODERATE"
  },
  "details": "EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request.",
  "id": "GHSA-vp34-vrw9-fxw3",
  "modified": "2022-05-17T05:13:19Z",
  "published": "2022-05-17T05:13:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2282"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1027242"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-2282 (GCVE-0-2012-2282)

FKIE_CVE-2012-2282

CERTA-2012-AVI-389

Solution

GSD-2012-2282

VAR-201207-0336

GHSA-VP34-VRW9-FXW3

Tags

Sightings

Nomenclature