CVE-2013-0526

Currently unrated

Key Information:

Vendor: IBM
Status: Global Console Manager 16 Firmware; Global Console Manager 32 Firmware
Vendor: CVE Published:; 21 August 2013

Summary

ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/85367

vdb-entryx_refsource_XF

http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm...

x_refsource_MISC

http://www.ibm.com/support/entry/portal/docdisplay?lndoci...

x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 21, 2013
Vulnerability Reserved
Dec 16, 2012