CVE-2013-6030
 
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Directory traversal vulnerability on the Emerson Network Power Avocent MergePoint Unity 2016 (aka MPU2016) KVM switch with firmware 1.9.16473 allows remote attackers to read arbitrary files via unspecified vectors, as demonstrated by reading the /etc/passwd file.
Vulnerabilidad de salto de directorio en el switch KVM Emerson Network Power Avocent MergePoint Unity 2016 (también conocido como MPU2016) con firmware 1.9.16473 permite a atacantes remotos leer ficheros arbitrarios a través de vectores no especificados, como se muestra leyendo el fichero /etc/passwd.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-10-04 CVE Reserved
- 2014-01-24 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.kb.cert.org/vuls/id/168751 | Third Party Advisory | |
http://www.securityfocus.com/bid/65105 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Emerson Search vendor "Emerson" | Network Power Avocent Mergepoint Unity 2016 Firmware Search vendor "Emerson" for product "Network Power Avocent Mergepoint Unity 2016 Firmware" | 1.9.16473 Search vendor "Emerson" for product "Network Power Avocent Mergepoint Unity 2016 Firmware" and version "1.9.16473" | - |
Affected
| in | Emerson Search vendor "Emerson" | Network Power Avocent Mergepoint Unity 2016 Firmware Search vendor "Emerson" for product "Network Power Avocent Mergepoint Unity 2016 Firmware" | 1.9.16473 Search vendor "Emerson" for product "Network Power Avocent Mergepoint Unity 2016 Firmware" and version "1.9.16473" | - |
Affected
|