CVE-2013-6030
Summary
| CVE | CVE-2013-6030 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-01-24 04:38:00 UTC |
| Updated | 2016-12-31 02:59:00 UTC |
| Description | Directory traversal vulnerability on the Emerson Network Power Avocent MergePoint Unity 2016 (aka MPU2016) KVM switch with firmware 1.9.16473 allows remote attackers to read arbitrary files via unspecified vectors, as demonstrated by reading the /etc/passwd file. |
Risk And Classification
Problem Types: CWE-22
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Emerson | Network Power Avocent Mergepoint Unity 2016 Firmware | 1.9.16473 | All | All | All |
| Operating System | Emerson | Network Power Avocent Mergepoint Unity 2016 Firmware | 1.9.16473 | All | All | All |
| Hardware | Emerson | Network Power Avocent Mergepoint Unity 2016 Firmware | 1.9.16473 | All | All | All |
| Operating System | Emerson | Network Power Avocent Mergepoint Unity 2016 Firmware | 1.9.16473 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Emerson Network Power Avocent MergePoint Unity 2016 KVM Directory Traversal Vulnerability | BID | www.securityfocus.com | |
| Vulnerability Note VU#168751 - Emerson Network Power Avocent MergePoint Unity 2016 KVM and possibly other model switches contain a directory traversal vulnerability | CERT-VN | www.kb.cert.org | US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.