Cross-site scripting (XSS) vulnerability in checkQKMProg.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N
Vendors Products
Dell
  • Powervault Ml6000 Firmware
  • Powervault Ml6000
  • Powervault Ml6010
  • Powervault Ml6030
  • Powervault Ml6020
Quantum
  • Scalar I500
  • Scalar I500 Firmware

Configuration 1 [-]

AND
OR cpe:2.3:a:quantum:scalar_i500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i2:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i3:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i3.1:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i4:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i5:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i5.1:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i6:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i6.1:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i7:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:i7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:sp4:*:*:*:*:*:*:*
cpe:2.3:a:quantum:scalar_i500_firmware:sp4.2:*:*:*:*:*:*:*
OR cpe:2.3:h:quantum:scalar_i500:5u:*:*:*:*:*:*:*
cpe:2.3:h:quantum:scalar_i500:14u:*:*:*:*:*:*:*
cpe:2.3:h:quantum:scalar_i500:23u:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:a:dell:powervault_ml6000_firmware:585g.gs003:*:*:*:*:*:*:*
OR cpe:2.3:h:dell:powervault_ml6000:32u:*:*:*:*:*:*:*
cpe:2.3:h:dell:powervault_ml6000:41u:*:*:*:*:*:*:*
cpe:2.3:h:dell:powervault_ml6010:5u:*:*:*:*:*:*:*
cpe:2.3:h:dell:powervault_ml6020:14u:*:*:*:*:*:*:*
cpe:2.3:h:dell:powervault_ml6030:23u:*:*:*:*:*:*:*
References
Link Resource
http://osvdb.org/80225
http://osvdb.org/80239
http://secunia.com/advisories/48403
http://secunia.com/advisories/48453
http://www.kb.cert.org/vuls/id/913483 US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NVRPY US Government Resource
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2012-03-22T10:00:00

Updated: 2018-01-09T17:57:01

Reserved: 2012-03-21T00:00:00

Link: CVE-2012-1842

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2012-03-22T10:17:11.050

Modified: 2018-01-10T02:29:30.347

Link: CVE-2012-1842

JSON object: View

cve-icon Redhat Information

No data.

CWE