Cross-Site Request Forgery Vulnerability in Quantum Scalar i500 and Dell ML6000 Tape Libraries
CVE-2012-1843

Currently unrated

Key Information:

Vendor

Quantum

Status
Scalar I500 Firmware
Scalar I500
Vendor
CVE Published:
22 March 2012

What is CVE-2012-1843?

The Quantum Scalar i500 tape library and Dell ML6000 are vulnerable to a Cross-Site Request Forgery (CSRF) attack that allows attackers to hijack user authentication. This vulnerability affects systems with firmware versions prior to i7.0.3 for the Scalar i500 and A20-00 for the ML6000. By exploiting this vulnerability, attackers can execute arbitrary Linux commands on the affected devices via the fileName parameter, exposing sensitive data and compromising system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/48453
third-party-advisoryx_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/913483
third-party-advisoryx_refsource_CERT-VN
http://osvdb.org/80227
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.