CVE-2012-2986 in SANinfo

Summary

lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

05/30/2012

Disclosure

08/20/2012

Moderation

VulDB entry created

Entries

VDB-61725 (1)

CPE

ready

CWE

CWE-78 (Confirmed)

Exploit

Download

CVSS

8.0

EPSS

0.05815

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-2986
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-2986
CVE Details	https://www.cvedetails.com/cve/CVE-2012-2986/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!