PT-2013-2734 · Emc · Emc Networker
Published
2013-05-03
·
Updated
2013-05-03
·
CVE-2013-0940
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
EMC NetWorker versions prior to 7.6.5.3
EMC NetWorker versions 8.x prior to 8.0.1.4
Description
The issue is related to the nsrpush process in the client, which sets weak permissions for unspecified files. This allows local users to gain privileges via unknown vectors.
Recommendations
For versions prior to 7.6.5.3, update to version 7.6.5.3 or later.
For versions 8.x prior to 8.0.1.4, update to version 8.0.1.4 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Emc Networker