Code Injection Flaw in IBM Scale Out Network Attached Storage
CVE-2012-2163

Currently unrated

Key Information:

Vendor: IBM
Status: Scale Out Network Attached Storage
Vendor: CVE Published:; 30 July 2012

What is CVE-2012-2163?

IBM Scale Out Network Attached Storage (SONAS) versions 1.1 through 1.3.1 are susceptible to a code injection vulnerability. This flaw allows remote authenticated administrators to execute arbitrary Linux commands through both the Command Line Interface and Graphical User Interface. Attackers can exploit this issue to gain unauthorized access to the system, potentially leading to further compromise of the storage environment.

References

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004170

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/75037

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2012
Vulnerability Reserved
Apr 4, 2012