CVE-2010-2860

{"id": "CVE-2010-2860", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-08-05T13:22:29.653", "references": [{"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0018.html", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1024271", "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/14536", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/512823/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/513564/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/42134", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/2337", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60885", "source": "cve@mitre.org"}, {"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2010-003.txt", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests."}, {"lang": "es", "value": "El dispositivo EMC Celerra Network Attached Storage (NAS) acepta tr\u00e1fico de red externo en direcciones IP pretendidas para una intranet con el dispositivo, lo que permite a atacantes remotos leer, crear o odificar ficheros de su elecci\u00f3n en el directorio de datos de usuari a trav\u00e9s de peticiones NFS. \r\n\r\n"}], "lastModified": "2018-10-10T20:00:07.873", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:emc:celerra_network_attached_storage:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0471A1A-CC96-4AC9-A8D0-46722EA25739"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}