Vulnerability Description
logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote attackers to execute arbitrary commands via shell metacharacters in a pathname parameter.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Powervault Ml6000 Firmware | <= i8.2.0.1_\(641g.gs003\) |
| Dell | Powervault Ml6000 | 32u |
| Quantum | Scalar I500 Firmware | <= i8.2.2.1_\(646g.gs002\) |
| Quantum | Scalar I500 | 5u |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/59019
- http://www.kb.cert.org/vuls/id/124908US Government Resource
- http://www.securityfocus.com/bid/67751
- http://secunia.com/advisories/59019
- http://www.kb.cert.org/vuls/id/124908US Government Resource
- http://www.securityfocus.com/bid/67751
FAQ
What is CVE-2014-2959?
CVE-2014-2959 is a vulnerability with a CVSS score of 9.0 (HIGH). logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote a...
How severe is CVE-2014-2959?
CVE-2014-2959 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-2959?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Powervault Ml6000 Firmware, Dell Powervault Ml6000, Quantum Scalar I500 Firmware, Quantum Scalar I500.