VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Mar 22, 2012· Updated Apr 29, 2026

CVE-2012-1843

CVE-2012-1843

Description

Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to hijack the authentication of users for requests that execute Linux commands via the fileName parameter, related to a "command-injection vulnerability."

Affected products

22
  • Quantum/Scalar I500 Firmware13 versions
    cpe:2.3:a:quantum:scalar_i500_firmware:*:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:quantum:scalar_i500_firmware:*:*:*:*:*:*:*:*range: <=i7.0.2
    • cpe:2.3:a:quantum:scalar_i500_firmware:i2:*:*:*:*:*:*:*
    • cpe:2.3:a:quantum:scalar_i500_firmware:i3:*:*:*:*:*:*:*
    • cpe:2.3:a:quantum:scalar_i500_firmware:i3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:quantum:scalar_i500_firmware:i4:*:*:*:*:*:*:*
    • cpe:2.3:a:quantum:scalar_i500_firmware:i5:*:*:*:*:*:*:*
    • cpe:2.3:a:quantum:scalar_i500_firmware:i5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:quantum:scalar_i500_firmware:i6:*:*:*:*:*:*:*
    • cpe:2.3:a:quantum:scalar_i500_firmware:i6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:quantum:scalar_i500_firmware:i7:*:*:*:*:*:*:*
    • cpe:2.3:a:quantum:scalar_i500_firmware:i7.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:quantum:scalar_i500_firmware:sp4:*:*:*:*:*:*:*
    • cpe:2.3:a:quantum:scalar_i500_firmware:sp4.2:*:*:*:*:*:*:*
  • Quantum/Scalar I5003 versions
    cpe:2.3:h:quantum:scalar_i500:5u:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:h:quantum:scalar_i500:5u:*:*:*:*:*:*:*
    • cpe:2.3:h:quantum:scalar_i500:14u:*:*:*:*:*:*:*
    • cpe:2.3:h:quantum:scalar_i500:23u:*:*:*:*:*:*:*
  • Dell/Powervault Ml6000 Firmware
    cpe:2.3:a:dell:powervault_ml6000_firmware:585g.gs003:*:*:*:*:*:*:*
  • Dell/Powervault Ml60002 versions
    cpe:2.3:h:dell:powervault_ml6000:32u:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:dell:powervault_ml6000:32u:*:*:*:*:*:*:*
    • cpe:2.3:h:dell:powervault_ml6000:41u:*:*:*:*:*:*:*
  • Dell/Powervault Ml6010
    cpe:2.3:h:dell:powervault_ml6010:5u:*:*:*:*:*:*:*
  • Dell/Powervault Ml6020
    cpe:2.3:h:dell:powervault_ml6020:14u:*:*:*:*:*:*:*
  • Dell/Powervault Ml6030
    cpe:2.3:h:dell:powervault_ml6030:23u:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.