CVE-2012-1841 - Vulnerability Details

Vendors	Products
Dell	Powervault Ml6000 Powervault Ml6000 Firmware Powervault Ml6010 Powervault Ml6020 Powervault Ml6030
Quantum	Scalar I500 Scalar I500 Firmware

Link	Providers
http://osvdb.org/80226
http://secunia.com/advisories/48403
http://secunia.com/advisories/48453
http://www.kb.cert.org/vuls/id/913483
http://www.kb.cert.org/vuls/id/MAPG-8NNKN8
http://www.kb.cert.org/vuls/id/MAPG-8NVRPY

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-03-19T00:00:00", "descriptions": [{"lang": "en", "value": "Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-09T17:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "48453", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48453"}, {"name": "VU#913483", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/913483"}, {"tags": ["x_refsource_MISC"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8NNKN8"}, {"tags": ["x_refsource_MISC"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8NVRPY"}, {"name": "80226", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/80226"}, {"name": "48403", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48403"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-1841", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "48453", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48453"}, {"name": "VU#913483", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/913483"}, {"name": "http://www.kb.cert.org/vuls/id/MAPG-8NNKN8", "refsource": "MISC", "url": "http://www.kb.cert.org/vuls/id/MAPG-8NNKN8"}, {"name": "http://www.kb.cert.org/vuls/id/MAPG-8NVRPY", "refsource": "MISC", "url": "http://www.kb.cert.org/vuls/id/MAPG-8NVRPY"}, {"name": "80226", "refsource": "OSVDB", "url": "http://osvdb.org/80226"}, {"name": "48403", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48403"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:08:38.517Z"}, "title": "CVE Program Container", "references": [{"name": "48453", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48453"}, {"name": "VU#913483", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/913483"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8NNKN8"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8NVRPY"}, {"name": "80226", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/80226"}, {"name": "48403", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48403"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-1841", "datePublished": "2012-03-22T10:00:00", "dateReserved": "2012-03-21T00:00:00", "dateUpdated": "2024-08-06T19:08:38.517Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2012-03-19T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-01-09T17:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : 48453 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/48453 (string)

}

1 : { »

name : VU#913483 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT-VN (string)

]

url : http://www.kb.cert.org/vuls/id/913483 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 (string)

}

3 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://www.kb.cert.org/vuls/id/MAPG-8NVRPY (string)

}

4 : { »

name : 80226 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/80226 (string)

}

5 : { »

name : 48403 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/48403 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2012-1841 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 48453 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/48453 (string)

}

1 : { »

name : VU#913483 (string)

refsource : CERT-VN (string)

url : http://www.kb.cert.org/vuls/id/913483 (string)

}

2 : { »

name : http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 (string)

refsource : MISC (string)

url : http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 (string)

}

3 : { »

name : http://www.kb.cert.org/vuls/id/MAPG-8NVRPY (string)

refsource : MISC (string)

url : http://www.kb.cert.org/vuls/id/MAPG-8NVRPY (string)

}

4 : { »

name : 80226 (string)

refsource : OSVDB (string)

url : http://osvdb.org/80226 (string)

}

5 : { »

name : 48403 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/48403 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T19:08:38.517Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 48453 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/48453 (string)

}

1 : { »

name : VU#913483 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT-VN (string)

2 : x_transferred (string)

]

url : http://www.kb.cert.org/vuls/id/913483 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 (string)

}

3 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://www.kb.cert.org/vuls/id/MAPG-8NVRPY (string)

}

4 : { »

name : 80226 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/80226 (string)

}

5 : { »

name : 48403 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/48403 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2012-1841 (string)

datePublished : 2012-03-22T10:00:00 (string)

dateReserved : 2012-03-21T00:00:00 (string)

dateUpdated : 2024-08-06T19:08:38.517Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "285AA3DB-D702-4F55-A6B6-99F6BC12B1DF", "versionEndIncluding": "i7.0.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:i2:*:*:*:*:*:*:*", "matchCriteriaId": "FCE92B3E-2606-4309-9462-E0529A967AC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:i3:*:*:*:*:*:*:*", "matchCriteriaId": "EC8B4BB2-1E77-4980-BFD2-3030703C27C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:i3.1:*:*:*:*:*:*:*", "matchCriteriaId": "8AF16C0F-1D0B-45DB-BDBE-3400DEC20B9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:i4:*:*:*:*:*:*:*", "matchCriteriaId": "0ADF92E7-1E86-432F-990A-D2B032329C0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:i5:*:*:*:*:*:*:*", "matchCriteriaId": "85452B6E-BD5E-436B-BC5C-F91F68FD19A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:i5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3FB27B5B-0E14-4866-88FF-83BA652E6CD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:i6:*:*:*:*:*:*:*", "matchCriteriaId": "94298513-64B2-40F5-AA01-27F5620217B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:i6.1:*:*:*:*:*:*:*", "matchCriteriaId": "12FB8F97-28EE-42D3-B793-6E7F36B15234", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:i7:*:*:*:*:*:*:*", "matchCriteriaId": "466D3BD8-0B2A-4DE6-BD23-118CF7AD3413", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:i7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A8D2BEA7-216D-4202-8BE2-430CCCAD106F", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:sp4:*:*:*:*:*:*:*", "matchCriteriaId": "68CA3AC1-4AC5-48BA-B749-CF29104093DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:quantum:scalar_i500_firmware:sp4.2:*:*:*:*:*:*:*", "matchCriteriaId": "DAE34EB9-66D2-498D-A02D-7F5EAD923707", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:quantum:scalar_i500:5u:*:*:*:*:*:*:*", "matchCriteriaId": "C6AA8B64-A78C-4B51-B29B-21CF2AEF9484", "vulnerable": true}, {"criteria": "cpe:2.3:h:quantum:scalar_i500:14u:*:*:*:*:*:*:*", "matchCriteriaId": "E6FFB7DA-15EB-4053-9440-A30F8E434F5C", "vulnerable": true}, {"criteria": "cpe:2.3:h:quantum:scalar_i500:23u:*:*:*:*:*:*:*", "matchCriteriaId": "C39DFB77-7945-4CA0-9B66-AF3908FE515D", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dell:powervault_ml6000_firmware:585g.gs003:*:*:*:*:*:*:*", "matchCriteriaId": "B993C619-EC72-47F2-AAE0-8EED9AAC7BF6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:powervault_ml6000:32u:*:*:*:*:*:*:*", "matchCriteriaId": "136C9AB1-37AE-43EE-BAAC-39277789B734", "vulnerable": true}, {"criteria": "cpe:2.3:h:dell:powervault_ml6000:41u:*:*:*:*:*:*:*", "matchCriteriaId": "33A96FD1-2005-41BE-ACE5-33AC136F7206", "vulnerable": true}, {"criteria": "cpe:2.3:h:dell:powervault_ml6010:5u:*:*:*:*:*:*:*", "matchCriteriaId": "CB0FF827-E40B-4DC0-9CAC-82922B827F35", "vulnerable": true}, {"criteria": "cpe:2.3:h:dell:powervault_ml6020:14u:*:*:*:*:*:*:*", "matchCriteriaId": "789D5925-AF4A-4CBA-B51F-FF6F1ADE5C6C", "vulnerable": true}, {"criteria": "cpe:2.3:h:dell:powervault_ml6030:23u:*:*:*:*:*:*:*", "matchCriteriaId": "B93C93C2-3FC1-4E5A-AC82-22EAFAA5B4CE", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter."}, {"lang": "es", "value": "Una vulnerabilidad de salto de directorio absoluto en logShow.htm en la biblioteca de cinta Quantum Scalar i500 con el firmware anterior a i7.0.3 (604G.GS00100), que tambi\u00e9n se distribuye como la biblioteca de cintas Dell ML6000 con el firmware anterior a A20-00 (590G.GS00100), permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de una ruta completa en el par\u00e1metro file."}], "id": "CVE-2012-1841", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-03-22T10:17:11.003", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/80226"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/48403"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/48453"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/913483"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8NNKN8"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8NVRPY"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/80226"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48403"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48453"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/913483"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8NNKN8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8NVRPY"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "The vulnerability has never been exploited. However to make sure our customers are protected, all newly shipped versions of the product contain the update that fixes this issue.  An official firmware release that fixes the vulnerability is also available for all existing customers.  The customer data stored on tape cannot be exploited by this vulnerability.", "lastModified": "2012-06-13T00:00:00", "organization": "Quantum Corporation"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 285AA3DB-D702-4F55-A6B6-99F6BC12B1DF (string)

versionEndIncluding : i7.0.2 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:i2:*:*:*:*:*:*:* (string)

matchCriteriaId : FCE92B3E-2606-4309-9462-E0529A967AC3 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:i3:*:*:*:*:*:*:* (string)

matchCriteriaId : EC8B4BB2-1E77-4980-BFD2-3030703C27C2 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:i3.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 8AF16C0F-1D0B-45DB-BDBE-3400DEC20B9A (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:i4:*:*:*:*:*:*:* (string)

matchCriteriaId : 0ADF92E7-1E86-432F-990A-D2B032329C0D (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:i5:*:*:*:*:*:*:* (string)

matchCriteriaId : 85452B6E-BD5E-436B-BC5C-F91F68FD19A7 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:i5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 3FB27B5B-0E14-4866-88FF-83BA652E6CD2 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:i6:*:*:*:*:*:*:* (string)

matchCriteriaId : 94298513-64B2-40F5-AA01-27F5620217B3 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:i6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 12FB8F97-28EE-42D3-B793-6E7F36B15234 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:i7:*:*:*:*:*:*:* (string)

matchCriteriaId : 466D3BD8-0B2A-4DE6-BD23-118CF7AD3413 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:i7.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : A8D2BEA7-216D-4202-8BE2-430CCCAD106F (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:sp4:*:*:*:*:*:*:* (string)

matchCriteriaId : 68CA3AC1-4AC5-48BA-B749-CF29104093DC (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:quantum:scalar_i500_firmware:sp4.2:*:*:*:*:*:*:* (string)

matchCriteriaId : DAE34EB9-66D2-498D-A02D-7F5EAD923707 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:quantum:scalar_i500:5u:*:*:*:*:*:*:* (string)

matchCriteriaId : C6AA8B64-A78C-4B51-B29B-21CF2AEF9484 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:h:quantum:scalar_i500:14u:*:*:*:*:*:*:* (string)

matchCriteriaId : E6FFB7DA-15EB-4053-9440-A30F8E434F5C (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:h:quantum:scalar_i500:23u:*:*:*:*:*:*:* (string)

matchCriteriaId : C39DFB77-7945-4CA0-9B66-AF3908FE515D (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:dell:powervault_ml6000_firmware:585g.gs003:*:*:*:*:*:*:* (string)

matchCriteriaId : B993C619-EC72-47F2-AAE0-8EED9AAC7BF6 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:dell:powervault_ml6000:32u:*:*:*:*:*:*:* (string)

matchCriteriaId : 136C9AB1-37AE-43EE-BAAC-39277789B734 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:h:dell:powervault_ml6000:41u:*:*:*:*:*:*:* (string)

matchCriteriaId : 33A96FD1-2005-41BE-ACE5-33AC136F7206 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:h:dell:powervault_ml6010:5u:*:*:*:*:*:*:* (string)

matchCriteriaId : CB0FF827-E40B-4DC0-9CAC-82922B827F35 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:h:dell:powervault_ml6020:14u:*:*:*:*:*:*:* (string)

matchCriteriaId : 789D5925-AF4A-4CBA-B51F-FF6F1ADE5C6C (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:h:dell:powervault_ml6030:23u:*:*:*:*:*:*:* (string)

matchCriteriaId : B93C93C2-3FC1-4E5A-AC82-22EAFAA5B4CE (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter. (string)

}

1 : { »

lang : es (string)

value : Una vulnerabilidad de salto de directorio absoluto en logShow.htm en la biblioteca de cinta Quantum Scalar i500 con el firmware anterior a i7.0.3 (604G.GS00100), que también se distribuye como la biblioteca de cintas Dell ML6000 con el firmware anterior a A20-00 (590G.GS00100), permite a atacantes remotos leer archivos de su elección a través de una ruta completa en el parámetro file. (string)

}

]

id : CVE-2012-1841 (string)

lastModified : 2025-04-11T00:51:21.963 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2012-03-22T10:17:11.003 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : http://osvdb.org/80226 (string)

}

1 : { »

source : cve@mitre.org (string)

url : http://secunia.com/advisories/48403 (string)

}

2 : { »

source : cve@mitre.org (string)

url : http://secunia.com/advisories/48453 (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : US Government Resource (string)

]

url : http://www.kb.cert.org/vuls/id/913483 (string)

}

4 : { »

source : cve@mitre.org (string)

tags : [ »

0 : US Government Resource (string)

]

url : http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 (string)

}

5 : { »

source : cve@mitre.org (string)

tags : [ »

0 : US Government Resource (string)

]

url : http://www.kb.cert.org/vuls/id/MAPG-8NVRPY (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://osvdb.org/80226 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://secunia.com/advisories/48403 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://secunia.com/advisories/48453 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : US Government Resource (string)

]

url : http://www.kb.cert.org/vuls/id/913483 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : US Government Resource (string)

]

url : http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : US Government Resource (string)

]

url : http://www.kb.cert.org/vuls/id/MAPG-8NVRPY (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vendorComments : [ »

0 : { »

comment : The vulnerability has never been exploited. However to make sure our customers are protected, all newly shipped versions of the product contain the update that fixes this issue. An official firmware release that fixes the vulnerability is also available for all existing customers. The customer data stored on tape cannot be exploited by this vulnerability. (string)

lastModified : 2012-06-13T00:00:00 (string)

organization : Quantum Corporation (string)

}

]

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-22 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object