CVE-2010-2860

Published Aug 5, 2010

Last updated 6 years ago

Overview

Description: The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:emc:celerra_network_attached_storage:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0471A1A-CC96-4AC9-A8D0-46722EA25739"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References