logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote attackers to execute arbitrary commands via shell metacharacters in a pathname parameter.
References
Link | Resource |
---|---|
http://secunia.com/advisories/59019 | |
http://www.kb.cert.org/vuls/id/124908 | US Government Resource |
http://www.securityfocus.com/bid/67751 |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
No history.
Information
Published : 2014-06-02 19:55
Updated : 2024-02-28 12:20
NVD link : CVE-2014-2959
Mitre link : CVE-2014-2959
CVE.ORG link : CVE-2014-2959
JSON object : View
Products Affected
quantum
- scalar_i500
- scalar_i500_firmware
dell
- powervault_ml6000
- powervault_ml6000_firmware
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')