CVE-2012-2282

Published: Jul 16, 2012Modified: Apr 29, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request.

Affected (13)

Products: Emc: Celerra Network Server, Vnx, Vnxe

Emc

3 products

Celerra Network Server

Vnx

Vnxe

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Emc Celerra Network Server	Version 6.0.36.4
Emc Celerra Network Server	Version 6.0.60.2

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Emc Vnx	Version 7.0.12.0
Emc Vnx	Version 7.0.53.1

Configuration C

9 vulnerable

Vulnerable Software	Affected Versions
Emc Vnxe	Version 2.0
Emc Vnxe	Version 2.0 sp1
Emc Vnxe	Version 2.0 sp2
Emc Vnxe	Version 2.0 sp3
Emc Vnxe	Version mr1 sp1
Emc Vnxe	Version mr1 sp2
Emc Vnxe	Version mr1 sp3.1
Emc Vnxe	Version mr1 sp3
Emc Vnxe	Version mr2 sp0.1

Related CWEs

CWE-264

References (4)

http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html

Source: security_alert@emc.com

http://www.securitytracker.com/id?1027242

Source: security_alert@emc.com

http://archives.neohapsis.com/archives/bugtraq/2012-07/0063.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1027242

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.