CVE-2013-6030
Summary
| CVE | CVE-2013-6030 |
|---|---|
| State | PUBLISHED |
| Assigner | certcc |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-01-24 04:38:09 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | Directory traversal vulnerability on the Emerson Network Power Avocent MergePoint Unity 2016 (aka MPU2016) KVM switch with firmware 1.9.16473 allows remote attackers to read arbitrary files via unspecified vectors, as demonstrated by reading the /etc/passwd file. |
Risk And Classification
Primary CVSS: v2.0 5 from [email protected]
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS: 0.001810000 probability, percentile 0.393520000 (date 2026-05-03)
Problem Types: CWE-22 | n/a
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
NoneAvailability
NoneAV:N/AC:L/Au:N/C:P/I:N/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Emerson | Network Power Avocent Mergepoint Unity 2016 Firmware | 1.9.16473 | All | All | All |
| Operating System | Emerson | Network Power Avocent Mergepoint Unity 2016 Firmware | 1.9.16473 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Emerson Network Power Avocent MergePoint Unity 2016 KVM Directory Traversal Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| Vulnerability Note VU#168751 - Emerson Network Power Avocent MergePoint Unity 2016 KVM and possibly other model switches contain a directory traversal vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.kb.cert.org | US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.