Quantum Scalar i500, Dell ML6000, and IBM TS3310 are prone to following vulnerabilities: 1. An information-disclosure vulnerability 2. A cross-site scripting vulnerability 3. A cross-site request-forgery vulnerability 4. A security-bypass vulnerability An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. The information- disclosure vulnerability can allow the attacker to obtain sensitive information that may aid in launching further attacks. Exploiting the cross-site request-forgery may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application. Other attacks are also possible. Attackers can exploit a password weakness issue to bypass security restrictions to obtain sensitive information or perform unauthorized actions this may aid in launching further attacks.

• http://www.kb.cert.org/vuls/id/913483
• http://www.quantum.com/ServiceandSupport/SoftwareandDocumentationDownloads/SI500/Index.aspx
• http://www.securityfocus.com/bid/52566

---

Updated on 2015-03-25