Vulnerability Description
EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Celerra Network Server | 6.0.36.4 |
| Emc | Vnx | 7.0.12.0 |
| Emc | Vnxe | 2.0 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html
- http://www.securitytracker.com/id?1027242
- http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html
- http://www.securitytracker.com/id?1027242
FAQ
What is CVE-2012-2282?
CVE-2012-2282 is a vulnerability with a CVSS score of 6.5 (MEDIUM). EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NF...
How severe is CVE-2012-2282?
CVE-2012-2282 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-2282?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Celerra Network Server, Emc Vnx, Emc Vnxe.