PT-2007-6112 · Ca · Ca Brightstor Arcserve Backup For Laptops/Desktops

Publicado

2007-10-01

Atualizado

2021-04-08

CVE-2007-5006

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions CA BrightStor ARCserve Backup for Laptops and Desktops versions r11.0 through r11.5

Description The issue concerns multiple command handlers that do not verify peer authentication, allowing remote attackers to perform unauthorized actions such as adding and deleting users, and starting client restores.

Recommendations For versions r11.0 through r11.5, update to a version that includes the necessary authentication verification for command handlers to prevent unauthorized access.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2007-5006

Produtos afetados

Ca Brightstor Arcserve Backup For Laptops/Desktops

PT-2007-6112 · Ca · Ca Brightstor Arcserve Backup For Laptops/Desktops

CVE-2007-5006

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9