CVE-2010-2860
Summary
| CVE | CVE-2010-2860 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-08-05 13:22:00 UTC |
| Updated | 2018-10-10 20:00:00 UTC |
| Description | The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Emc | Celerra Network Attached Storage | All | All | All | All |
| Hardware | Emc | Celerra Network Attached Storage | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| SecurityTracker.com Archives - EMC Celerra Network Attached Storage Lets Remote Users Access the NFS Data Directory | SECTRACK | securitytracker.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| EMC Celerra Unified Storage Platform NAS Security Bypass Vulnerability | BID | www.securityfocus.com | |
| Unauthorized Access to Root NFS Export on EMC Celerra NAS Appliance | EXPLOIT-DB | www.exploit-db.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| 404 Not Found | Trustwave | MISC | www.trustwave.com | |
| 20100802 TWSL2010-003: Unauthorized access to root NFS export on EMC Celerra NAS appliance | FULLDISC | archives.neohapsis.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.