PT-2007-6112 · Ca · Ca Brightstor Arcserve Backup For Laptops/Desktops

Published

2007-10-01

Updated

2021-04-08

CVE-2007-5006

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions CA BrightStor ARCserve Backup for Laptops and Desktops versions r11.0 through r11.5

Description The issue concerns multiple command handlers that do not verify peer authentication, allowing remote attackers to perform unauthorized actions such as adding and deleting users, and starting client restores.

Recommendations For versions r11.0 through r11.5, update to a version that includes the necessary authentication verification for command handlers to prevent unauthorized access.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2007-5006

Affected Products

Ca Brightstor Arcserve Backup For Laptops/Desktops

PT-2007-6112 · Ca · Ca Brightstor Arcserve Backup For Laptops/Desktops

CVE-2007-5006

Weakness Enumeration

Related Identifiers

Affected Products

References · 9