CVE-2012-2163

Name of the Vulnerable Software and Affected Versions IBM Scale Out Network Attached Storage (SONAS) versions 1.1 through 1.3.1

Description The issue allows remote authenticated administrators to execute arbitrary Linux commands, related to a code injection problem. This can be achieved via the Command Line Interface or the Graphical User Interface.

Recommendations For versions 1.1 through 1.3.1, consider restricting access to the Command Line Interface and Graphical User Interface to minimize the risk of exploitation until a fix is available. As a temporary workaround, limit the privileges of remote authenticated administrators to reduce the potential impact of arbitrary command execution.