VAR-201111-0104

Vulnerability from variot - Updated: 2023-12-18 12:38

The Web User Interface on the IBM TS3100 and TS3200 tape libraries with firmware before A.60 allows remote attackers to bypass authentication and obtain administrative access via unspecified vectors. IBM System Storage TS3100 and TS3200 Tape Library Express are prone to a security-bypass vulnerability. Successful exploits may allow attackers to bypass security restrictions and give access to the library administration. IBM System Storage TS3100 and TS3200 Tape Library Express versions prior to A.60 are vulnerable. ----------------------------------------------------------------------

Secunia is hiring!

Find your next job here:

http://secunia.com/company/jobs/


TITLE: IBM System Storage TS3100 / TS3200 Tape Library Express Security Bypass Security Issue

SECUNIA ADVISORY ID: SA46986

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46986/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46986

RELEASE DATE: 2011-11-24

DISCUSS ADVISORY: http://secunia.com/advisories/46986/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/46986/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=46986

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A security issue has been reported in IBM System Storage TS3100 and TS3200 Tape Library Express, which can be exploited by malicious people to bypass certain security restrictions.

The security issue is reported in versions prior to A.60.

SOLUTION: Update to version A.60.

PROVIDED AND/OR DISCOVERED BY: The vendor credits Martin Murfitt, Trustwave's SpiderLabs.

ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=ssg1S1003938

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201111-0104",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ts3100 tape library",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ibm",
        "version": "*"
      },
      {
        "model": "ts3200 tape library",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ibm",
        "version": "*"
      },
      {
        "model": "ts3200 tape library",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ibm",
        "version": "a.40"
      },
      {
        "model": "ts3100 tape library",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ibm",
        "version": "a.40"
      },
      {
        "model": "ts3100 tape library",
        "scope": null,
        "trust": 0.8,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "ts3100 tape library",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "ibm",
        "version": "a.60"
      },
      {
        "model": "ts3200 tape library",
        "scope": null,
        "trust": 0.8,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "ts3200 tape library",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "ibm",
        "version": "a.60"
      },
      {
        "model": "ts3100 tape library",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ibm",
        "version": "a.40"
      },
      {
        "model": "ts3200 tape library",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ibm",
        "version": "a.40"
      },
      {
        "model": "system storage ts3200 tape library express a.59",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "system storage ts3100 tape library express a.59",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "system storage ts3200 tape library express a.60",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "system storage ts3100 tape library express a.60",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "50799"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003098"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1372"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-438"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:ts3200_tape_library_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "a.40",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:ts3100_tape_library_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "a.40",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:ibm:ts3100_tape_library:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:ibm:ts3200_tape_library:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-1372"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Martin Murfitt of Trustwave\u0027s SpiderLabs",
    "sources": [
      {
        "db": "BID",
        "id": "50799"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-1372",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2011-1372",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-49317",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2011-1372",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201111-438",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-49317",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49317"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003098"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1372"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-438"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Web User Interface on the IBM TS3100 and TS3200 tape libraries with firmware before A.60 allows remote attackers to bypass authentication and obtain administrative access via unspecified vectors. IBM System Storage TS3100 and TS3200 Tape Library Express are prone to a security-bypass vulnerability. \nSuccessful exploits may allow attackers to bypass security restrictions and give access to the library administration. \nIBM System Storage TS3100 and TS3200 Tape Library Express versions prior to A.60 are vulnerable. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nIBM System Storage TS3100 / TS3200 Tape Library Express Security\nBypass Security Issue\n\nSECUNIA ADVISORY ID:\nSA46986\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/46986/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46986\n\nRELEASE DATE:\n2011-11-24\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/46986/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/46986/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46986\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in IBM System Storage TS3100 and\nTS3200 Tape Library Express, which can be exploited by malicious\npeople to bypass certain security restrictions. \n\nThe security issue is reported in versions prior to A.60. \n\nSOLUTION:\nUpdate to version A.60. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Martin Murfitt, Trustwave\u0027s SpiderLabs. \n\nORIGINAL ADVISORY:\nhttp://www.ibm.com/support/docview.wss?uid=ssg1S1003938\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-1372"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003098"
      },
      {
        "db": "BID",
        "id": "50799"
      },
      {
        "db": "VULHUB",
        "id": "VHN-49317"
      },
      {
        "db": "PACKETSTORM",
        "id": "107281"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-1372",
        "trust": 2.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003098",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-438",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "46986",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "18223",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "71026",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "50799",
        "trust": 0.4
      },
      {
        "db": "PACKETSTORM",
        "id": "108063",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-49317",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "107281",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49317"
      },
      {
        "db": "BID",
        "id": "50799"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003098"
      },
      {
        "db": "PACKETSTORM",
        "id": "107281"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1372"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-438"
      }
    ]
  },
  "id": "VAR-201111-0104",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49317"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:38:53.371000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "1003938",
        "trust": 0.8,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1003938"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003098"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49317"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003098"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1372"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1003938"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71026"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1372"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1372"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/71026"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/46986"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/18223"
      },
      {
        "trust": 0.3,
        "url": "https://www.trustwave.com/spiderlabs/advisories/twsl2011-018.txt"
      },
      {
        "trust": 0.3,
        "url": "http://www-03.ibm.com/systems/storage/tape/ts3100/"
      },
      {
        "trust": 0.3,
        "url": "http://www-03.ibm.com/systems/storage/tape/ts3200/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/company/jobs/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/46986/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46986"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/46986/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49317"
      },
      {
        "db": "BID",
        "id": "50799"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003098"
      },
      {
        "db": "PACKETSTORM",
        "id": "107281"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1372"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-438"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-49317"
      },
      {
        "db": "BID",
        "id": "50799"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003098"
      },
      {
        "db": "PACKETSTORM",
        "id": "107281"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1372"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-438"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-11-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-49317"
      },
      {
        "date": "2011-11-24T00:00:00",
        "db": "BID",
        "id": "50799"
      },
      {
        "date": "2011-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-003098"
      },
      {
        "date": "2011-11-26T01:20:18",
        "db": "PACKETSTORM",
        "id": "107281"
      },
      {
        "date": "2011-11-28T11:55:08.750000",
        "db": "NVD",
        "id": "CVE-2011-1372"
      },
      {
        "date": "2011-11-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201111-438"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-49317"
      },
      {
        "date": "2011-12-20T23:19:00",
        "db": "BID",
        "id": "50799"
      },
      {
        "date": "2011-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-003098"
      },
      {
        "date": "2017-08-17T01:34:06.387000",
        "db": "NVD",
        "id": "CVE-2011-1372"
      },
      {
        "date": "2011-12-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201111-438"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-438"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "IBM TS3100 and  TS3200 Vulnerabilities that can bypass authentication in tape libraries",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003098"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-438"
      }
    ],
    "trust": 0.6
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…