CVE-2014-3081

prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter.

CVSS v2.0 6.3 MEDIUM

6.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:S/C:C/I:N/A:N

Exploitability : 6.8 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html	Exploit
http://seclists.org/fulldisclosure/2014/Jul/113
http://www.exploit-db.com/exploits/34132/	Exploit
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/93930

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:ibm:global_console_manager_16_firmware::::::::
	cpe:2.3:o:ibm:global_console_manager_32_firmware::::::::

History

No history.

Information

Published : 2014-08-17 23:55

Updated : 2024-02-04 18:35

NVD link : CVE-2014-3081

Mitre link : CVE-2014-3081

CVE.ORG link : CVE-2014-3081

JSON object : View

Products Affected

ibm

global_console_manager_16_firmware
global_console_manager_32_firmware

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2014-3081", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-08-17T23:55:06.887", "references": [{"url": "http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html", "tags": ["Exploit"], "source": "psirt@us.ibm.com"}, {"url": "http://seclists.org/fulldisclosure/2014/Jul/113", "source": "psirt@us.ibm.com"}, {"url": "http://www.exploit-db.com/exploits/34132/", "tags": ["Exploit"], "source": "psirt@us.ibm.com"}, {"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095983", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93930", "source": "psirt@us.ibm.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter."}, {"lang": "es", "value": "prodtest.php en los switches IBM GCM16 y GCM32 Global Console Manager con firmware anterior a 1.20.20.23447 permite a usuarios remotos autenticados leer ficheros arbitrarios a trav\u00e9s del par\u00e1metro filename."}], "lastModified": "2017-08-29T01:34:38.437", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ibm:global_console_manager_16_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A20A7D6-73FB-4E05-9D73-C23E20513AE5", "versionEndIncluding": "1.20.0.22575"}, {"criteria": "cpe:2.3:o:ibm:global_console_manager_32_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40D05CCE-C686-4D08-B4FE-B5C02DFA5EE3", "versionEndIncluding": "1.20.0.22575"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}