CVE-2012-1843

Name: CVE-2012-1843
Creator: NVD / NIST
Published: 2012-03-22T10:17:11.097+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.06%

Last modified Jun 16, 2026

CVE-2012-1843 is a vulnerability of currently unknown severity. Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to hijack the authentication of users for requests that execute Linux commands via the fileName parameter, related to a "command-injection vulnerability.". EPSS estimates a 1.06% chance of exploitation in the next 30 days.

Description

Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to hijack the authentication of users for requests that execute Linux commands via the fileName parameter, related to a "command-injection vulnerability."

Metrics

EPSS Probability

1.06%

60.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-352

Affected Software

Vendor	Product	Versions
Quantum	Scalar I500 Firmware	<= i7.0.2
Quantum	Scalar I500 Firmware	i2
Quantum	Scalar I500 Firmware	i3
Quantum	Scalar I500 Firmware	i3.1
Quantum	Scalar I500 Firmware	i4
Quantum	Scalar I500 Firmware	i5
Quantum	Scalar I500 Firmware	i5.1
Quantum	Scalar I500 Firmware	i6
Quantum	Scalar I500 Firmware	i6.1
Quantum	Scalar I500 Firmware	i7
Quantum	Scalar I500 Firmware	i7.0.1
Quantum	Scalar I500 Firmware	sp4
Quantum	Scalar I500 Firmware	sp4.2
Quantum	Scalar I500	5u
Quantum	Scalar I500	14u
Quantum	Scalar I500	23u
Dell	Powervault Ml6000 Firmware	585g.gs003
Dell	Powervault Ml6000	32u
Dell	Powervault Ml6000	41u
Dell	Powervault Ml6010	5u
Dell	Powervault Ml6020	14u
Dell	Powervault Ml6030	23u

References

http://osvdb.org/80227
http://secunia.com/advisories/48403
http://secunia.com/advisories/48453
http://www.kb.cert.org/vuls/id/913483US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NNKN8US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NVRPYUS Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/74161
http://osvdb.org/80227
http://secunia.com/advisories/48403
http://secunia.com/advisories/48453
http://www.kb.cert.org/vuls/id/913483US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NNKN8US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8NVRPYUS Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/74161

Timeline

Published: Mar 22, 2012
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2012-1843?

How severe is CVE-2012-1843?

Severity scoring for CVE-2012-1843 is pending analysis. The EPSS model estimates a 1.06% probability of exploitation in the next 30 days.

How do I fix CVE-2012-1843?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-1843?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST