Vulnerability Details CVE-2012-1842
Cross-site scripting (XSS) vulnerability in checkQKMProg.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.6%
CVSS Severity
CVSS v2 Score 3.5
References
- http://osvdb.org/80225
- http://osvdb.org/80239
- http://secunia.com/advisories/48403
- http://secunia.com/advisories/48453
- http://www.kb.cert.org/vuls/id/913483
- http://www.kb.cert.org/vuls/id/MAPG-8NNKN8
- http://www.kb.cert.org/vuls/id/MAPG-8NVRPY
- http://osvdb.org/80225
- http://osvdb.org/80239
- http://secunia.com/advisories/48403
- http://secunia.com/advisories/48453
- http://www.kb.cert.org/vuls/id/913483
- http://www.kb.cert.org/vuls/id/MAPG-8NNKN8
- http://www.kb.cert.org/vuls/id/MAPG-8NVRPY
Products affected by CVE-2012-1842
-
cpe:2.3:a:dell:powervault_ml6000_firmware:585g.gs003
-
cpe:2.3:a:quantum:scalar_i500_firmware:i2
-
cpe:2.3:a:quantum:scalar_i500_firmware:i3
-
cpe:2.3:a:quantum:scalar_i500_firmware:i3.1
-
cpe:2.3:a:quantum:scalar_i500_firmware:i4
-
cpe:2.3:a:quantum:scalar_i500_firmware:i5
-
cpe:2.3:a:quantum:scalar_i500_firmware:i5.1
-
cpe:2.3:a:quantum:scalar_i500_firmware:i6
-
cpe:2.3:a:quantum:scalar_i500_firmware:i6.1
-
cpe:2.3:a:quantum:scalar_i500_firmware:i7
-
cpe:2.3:a:quantum:scalar_i500_firmware:i7.0.1
-
cpe:2.3:a:quantum:scalar_i500_firmware:i7.0.2
-
cpe:2.3:a:quantum:scalar_i500_firmware:sp4
-
cpe:2.3:a:quantum:scalar_i500_firmware:sp4.2
-
cpe:2.3:h:dell:powervault_ml6000:32u
-
cpe:2.3:h:dell:powervault_ml6000:41u
-
cpe:2.3:h:dell:powervault_ml6010:5u
-
cpe:2.3:h:dell:powervault_ml6020:14u
-
cpe:2.3:h:dell:powervault_ml6030:23u
-
cpe:2.3:h:quantum:scalar_i500:14u
-
cpe:2.3:h:quantum:scalar_i500:23u
-
cpe:2.3:h:quantum:scalar_i500:5u