CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-2986

lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.058

EPSS Ranking 90.1%

CVSS Severity

CVSS v2 Score 7.7

References

http://www.kb.cert.org/vuls/id/441363
http://www.kb.cert.org/vuls/id/441363

Products affected by CVE-2012-2986

Hp » San/iq » Version: 9.5

cpe:2.3:a:hp:san/iq:9.5
Hp » Virtual San Appliance » Version: N/A

cpe:2.3:h:hp:virtual_san_appliance:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-2986

Products

Pricing

Contact Us