CVE-2012-1841 — MEDIUM (5.0)

Q: How severe is CVE-2012-1841?

CVE-2012-1841 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2012-1841?

Check the references section above for vendor advisories and patch information. Affected products include: Quantum Scalar I500 Firmware, Quantum Scalar I500, Dell Powervault Ml6000 Firmware, Dell Powervault Ml6000, Dell Powervault Ml6010.

Vulnerability Description

Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Quantum	Scalar I500 Firmware	<= i7.0.2
Quantum	Scalar I500	5u
Dell	Powervault Ml6000 Firmware	585g.gs003
Dell	Powervault Ml6000	32u
Dell	Powervault Ml6010	5u
Dell	Powervault Ml6020	14u
Dell	Powervault Ml6030	23u

Related Weaknesses (CWE)

CWE-22

References

http://osvdb.org/80226
http://secunia.com/advisories/48403
http://secunia.com/advisories/48453
http://www.kb.cert.org/vuls/id/913483US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NNKN8US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NVRPYUS Government Resource
http://osvdb.org/80226
http://secunia.com/advisories/48403
http://secunia.com/advisories/48453
http://www.kb.cert.org/vuls/id/913483US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NNKN8US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NVRPYUS Government Resource

FAQ

What is CVE-2012-1841?

CVE-2012-1841 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware ...

How severe is CVE-2012-1841?

CVE-2012-1841 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-1841?

Check the references section above for vendor advisories and patch information. Affected products include: Quantum Scalar I500 Firmware, Quantum Scalar I500, Dell Powervault Ml6000 Firmware, Dell Powervault Ml6000, Dell Powervault Ml6010.