EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition (CTA/VE) 9.0 and earlier, allows remote attackers to obtain GUI administrative access by sending a crafted file during the authentication phase.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Emc
  • Cloud Tiering Appliance
  • Cloud Tiering Appliance Virtual Edition

Configuration 1 [-]

OR cpe:2.3:a:emc:cloud_tiering_appliance_virtual_edition:*:*:*:*:*:*:*:*
cpe:2.3:h:emc:cloud_tiering_appliance:*:*:*:*:*:*:*:*

No data.

References
Link Providers
http://archives.neohapsis.com/archives/bugtraq/2012-08/0184.html cve-icon cve-icon
http://osvdb.org/85050 cve-icon cve-icon
http://secunia.com/advisories/50393 cve-icon cve-icon
http://www.securitytracker.com/id?1027448 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/78110 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2012-08-29T22:00:00

Updated: 2024-08-06T19:26:09.012Z

Reserved: 2012-04-19T00:00:00

Link: CVE-2012-2285

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-08-29T22:55:01.300

Modified: 2017-08-29T01:31:34.663

Link: CVE-2012-2285

cve-icon Redhat

No data.