CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-2397

The Agent service in Iron Mountain Connected Backup 8.4 allows remote attackers to execute arbitrary code via a crafted opcode 13 request that triggers use of the LaunchCompoundFileAnalyzer class to send request data to the System.getRunTime.exec method.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.047

EPSS Ranking 88.9%

CVSS Severity

CVSS v2 Score 10.0

References

http://osvdb.org/77495
http://www.zerodayinitiative.com/advisories/ZDI-11-339/
https://exchange.xforce.ibmcloud.com/vulnerabilities/71602
http://osvdb.org/77495
http://www.zerodayinitiative.com/advisories/ZDI-11-339/
https://exchange.xforce.ibmcloud.com/vulnerabilities/71602

Products affected by CVE-2011-2397

Ironmountain » Connected Backup » Version: 8.4

cpe:2.3:a:ironmountain:connected_backup:8.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2397

Products

Pricing

Contact Us