CVE-2012-5767

Unspecified vulnerability in the web interface on the IBM TS3500 Tape Library with firmware before C260 allows remote authenticated users to gain privileges via unspecified vectors.

CVSS v2.0 6.5 MEDIUM

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004282	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/80272
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004282	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/80272

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:ibm:ts3500_tape_library_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:ts3500_tape_library:3584:*:*:*:*:*:*:*

History

21 Nov 2024, 01:45

Type	Values Removed	Values Added
References	~~() http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004282 - Vendor Advisory~~	() http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004282 - Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/80272 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/80272 -

Information

Published : 2013-02-27 16:55

Updated : 2025-04-11 00:51

NVD link : CVE-2012-5767

Mitre link : CVE-2012-5767

CVE.ORG link : CVE-2012-5767

JSON object : View

Products Affected

ibm

ts3500_tape_library_firmware
ts3500_tape_library

CWE

NVD-CWE-noinfo

{"id": "CVE-2012-5767", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-02-27T16:55:02.213", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004282", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80272", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004282", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80272", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the web interface on the IBM TS3500 Tape Library with firmware before C260 allows remote authenticated users to gain privileges via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en la interfaz web de la biblioteca de cintas IBM TS3500 con firmware anterior a C260 permite a usuarios remotos autenticados para obtener privilegios a trav\u00e9s de vectores sin especificar"}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:ts3500_tape_library_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08068A09-857B-4267-8EB0-EEB830B38CEF", "versionEndIncluding": "c080"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ibm:ts3500_tape_library:3584:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD7B79D7-A72A-44F2-A0D5-BB17AABA8D75"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@us.ibm.com"}