RCE in Emc Connectrix_manager

CVE-2013-6810

The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition (CMCNE), HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by us…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.648 (98.5th percentile) — read the EPSS interpretation.

Affected products

Emc Connectrix_manager — versions 11.2.1, 12.0.1, 12.0.3
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

References

42702 (exploit, x_refsource_EXPLOIT-DB)
1029485 (vdb-entry, x_refsource_SECTRACK)
20140129 CVE-2013-6810 / EMC / HP issue is actually Brocade (mailing-list, x_refsource_VIM)
cve@mitre.org (x_refsource_MISC)
20131211 ESA-2013-089: EMC Connectrix Manager Converged Network Edition Remote Code Execution Vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
HPSBHF02953 (x_refsource_HP, vendor-advisory)
42701 (exploit, x_refsource_EXPLOIT-DB)
connectrix-manager-directory-traversal(90728) (vdb-entry, x_refsource_XF)
56143 (x_refsource_SECUNIA, third-party-advisory)