CVE-2013-6030
Published Jan 24, 2014
Last updated 8 years ago
Overview
- Description
- Directory traversal vulnerability on the Emerson Network Power Avocent MergePoint Unity 2016 (aka MPU2016) KVM switch with firmware 1.9.16473 allows remote attackers to read arbitrary files via unspecified vectors, as demonstrated by reading the /etc/passwd file.
- Source
- cret@cert.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-22
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:emerson:network_power_avocent_mergepoint_unity_2016_firmware:1.9.16473:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD1E7755-17BB-4465-8999-BCD0C5AEF5A5"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emerson:network_power_avocent_mergepoint_unity_2016_firmware:1.9.16473:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94C0BAF1-9C83-4AA9-AFCC-50FD958043F5"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]