CVE-2013-6923

Name: CVE-2013-6923
Creator: NVD / NIST
Published: 2014-01-09T18:55:08.15+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.22%

Last modified Jun 17, 2026

CVE-2013-6923 is a vulnerability of currently unknown severity. Multiple cross-site scripting (XSS) vulnerabilities in Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to inject arbitrary web script or HTML via the (1) fullname parameter to admin/access_control_user_edit.php or (2) workname parameter to admin/network_workgroup_domain.php.. EPSS estimates a 3.22% chance of exploitation in the next 30 days.

Description

Multiple cross-site scripting (XSS) vulnerabilities in Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to inject arbitrary web script or HTML via the (1) fullname parameter to admin/access_control_user_edit.php or (2) workname parameter to admin/network_workgroup_domain.php.

Metrics

EPSS Probability

3.22%

86.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-79

Affected Software

Vendor	Product	Versions
Seagate	Blackarmor Nas 220 Firmware	sg2000-2000.1331
Seagate	Blackarmor Nas 220	st320005lsa10g-rk
Seagate	Blackarmor Nas 220	st340005lsa10g-rk
Seagate	Blackarmor Nas 220	stav6000100

References

Timeline

Published: Jan 9, 2014
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-6923?

How severe is CVE-2013-6923?

Severity scoring for CVE-2013-6923 is pending analysis. The EPSS model estimates a 3.22% probability of exploitation in the next 30 days.

How do I fix CVE-2013-6923?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-6923?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST