CVE-2012-2568 - Vulnerability Details - OpenCVE

Description

d41d8cd98f00b204e9800998ecf8427e.php in the management web server on the Seagate BlackArmor device allows remote attackers to change the administrator password via unspecified vectors.

Published: 2012-05-25

Score: 10.0 Critical

EPSS: 1.1% Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

cpe:2.3:h:seagate:blackarmor_nas:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2012-2554	d41d8cd98f00b204e9800998ecf8427e.php in the management web server on the Seagate BlackArmor device allows remote attackers to change the administrator password via unspecified vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.01096.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://secunia.com/advisories/49282
http://www.kb.cert.org/vuls/id/515283
http://www.securityfocus.com/bid/53670
https://exchange.xforce.ibmcloud.com/vulnerabilities/75854

History

No history.

Subscriptions

Seagate Blackarmor Nas

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2012-05-25T20:00:00.000Z

Updated: 2024-08-06T19:34:25.947Z

Reserved: 2012-05-09T00:00:00.000Z

Link: CVE-2012-2568

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-05-25T20:55:01.820

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-2568

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-05-23T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "d41d8cd98f00b204e9800998ecf8427e.php in the management web server on the Seagate BlackArmor device allows remote attackers to change the administrator password via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01.000Z", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "53670", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/53670"}, {"name": "blackarmor-network-sec-bypass(75854)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75854"}, {"name": "49282", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/49282"}, {"name": "VU#515283", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/515283"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2012-2568", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "d41d8cd98f00b204e9800998ecf8427e.php in the management web server on the Seagate BlackArmor device allows remote attackers to change the administrator password via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "53670", "refsource": "BID", "url": "http://www.securityfocus.com/bid/53670"}, {"name": "blackarmor-network-sec-bypass(75854)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75854"}, {"name": "49282", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49282"}, {"name": "VU#515283", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/515283"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:34:25.947Z"}, "title": "CVE Program Container", "references": [{"name": "53670", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/53670"}, {"name": "blackarmor-network-sec-bypass(75854)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75854"}, {"name": "49282", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/49282"}, {"name": "VU#515283", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/515283"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2012-2568", "datePublished": "2012-05-25T20:00:00.000Z", "dateReserved": "2012-05-09T00:00:00.000Z", "dateUpdated": "2024-08-06T19:34:25.947Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:seagate:blackarmor_nas:*:*:*:*:*:*:*:*", "matchCriteriaId": "2EB0AAF0-1AAE-42A4-B6B2-5A4C75D2F2EE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "d41d8cd98f00b204e9800998ecf8427e.php in the management web server on the Seagate BlackArmor device allows remote attackers to change the administrator password via unspecified vectors."}, {"lang": "es", "value": "d41d8cd98f00b204e9800998ecf8427e.php en el servidor web de gesti\u00f3n en el dispositivo Seagate BlackArmor permite a atacantes remotos cambiar la contrase\u00f1a de administrador a trav\u00e9s de vectores no especificados."}], "id": "CVE-2012-2568", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-05-25T20:55:01.820", "references": [{"source": "cret@cert.org", "url": "http://secunia.com/advisories/49282"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/515283"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/bid/53670"}, {"source": "cret@cert.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75854"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/49282"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/515283"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/53670"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75854"}], "sourceIdentifier": "cret@cert.org", "vendorComments": [{"comment": "The latest revision of the Seagate Software now includes a fix, which address the previously publicized security hole. We will be communicating this to our installed base of users both by direct email as well as Update notifications sent through the BlackArmor NAS User Interface. \n\nThe software updates can be found here: \nhttp://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-110/banas-110-firmware-master-dl/\nhttp://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-220/banas-220-firmware-master-dl/\nhttp://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-440/banas-440-firmware-master-dl/\n\n\n\nNote that there are 3 different versions of the firmware update, which correlate to the number of bays in the hardware (e.g 1-bay, 2-bay and 4-bay).", "lastModified": "2012-10-26T00:00:00", "organization": "Seagate"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}