SQL Injection Vulnerability in IBM System Storage DS Storage Manager
CVE-2012-2171

Currently unrated

Key Information:

Vendor

IBM
Status
Ds Storage Manager Host Software
Ds4100
Ds4200
Ds4300
Vendor
CVE Published:
22 June 2012

What is CVE-2012-2171?

A SQL injection vulnerability exists in the ModuleServlet.do component of the IBM System Storage DS Storage Manager prior to version 10.83.xx.18. This flaw enables remote authenticated users to execute arbitrary SQL commands through the 'selectedModuleOnly' parameter in the 'state_viewmodulelog' action. It poses a significant risk as it can be exploited to manipulate database information or execute unauthorized queries.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.zeroscience.mk/codes/ibmssdssmp_sqlixss.txt
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/75236
vdb-entryx_refsource_XF
http://www.ibm.com/connections/blogs/PSIRT/entry/secbulle...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.