GCVE - cpe:2.3:a:quantum:scalar_i500_firmware:i2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:quantum:scalar_i500_firmware:i2:*:*:*:*:*:*:*

part: a version: i2 update: *

Vendor	Quantum (`5ec80e0c-0867-52da-a8a5-949622ffdecd`)
Product	Scalar I500 Firmware (`43e4b451-830a-55fa-a3c4-a46bb5627c68`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-1844`	vulnerable	2026-06-08 05:00:51.131429	Details available The Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100) and the IBM TS3310 tape library with firmware before R6C (606G.GS001), uses default passwords for unspecified user accounts, which makes it easier for remote attackers to obtain access via unknown vectors. Published: 2012-03-22T10:00:00.000Z Updated: 2024-08-06T19:08:38.646Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/74322 http://www.kb.cert.org/vuls/id/913483 http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 http://www.kb.cert.org/vuls/id/MAPG-8NVRPY http://osvdb.org/80372	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-1843`	vulnerable	2026-06-08 05:00:51.130357	Details available Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to hijack the authentication of users for requests that execute Linux commands via the fileName parameter, related to a "command-injection vulnerability." Published: 2012-03-22T10:00:00.000Z Updated: 2024-08-06T19:08:38.704Z Open on db.gcve.eu Reference links http://secunia.com/advisories/48453 http://www.kb.cert.org/vuls/id/913483 http://osvdb.org/80227 http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 https://exchange.xforce.ibmcloud.com/vulnerabilities/74161	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-1842`	vulnerable	2026-06-08 05:00:51.129477	Details available Cross-site scripting (XSS) vulnerability in checkQKMProg.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: 2012-03-22T10:00:00.000Z Updated: 2024-08-06T19:08:38.508Z Open on db.gcve.eu Reference links http://secunia.com/advisories/48453 http://www.kb.cert.org/vuls/id/913483 http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 http://www.kb.cert.org/vuls/id/MAPG-8NVRPY http://osvdb.org/80239	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-1841`	vulnerable	2026-06-08 05:00:51.118375	Details available Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter. Published: 2012-03-22T10:00:00.000Z Updated: 2024-08-06T19:08:38.517Z Open on db.gcve.eu Reference links http://secunia.com/advisories/48453 http://www.kb.cert.org/vuls/id/913483 http://www.kb.cert.org/vuls/id/MAPG-8NNKN8 http://www.kb.cert.org/vuls/id/MAPG-8NVRPY http://osvdb.org/80226	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.