PT-2013-5128 · Symantec · Symantec Backup Exec

Published

2013-08-04

Updated

2013-08-09

CVE-2013-4678

CVSS v2.0

2.7

Low

Vector

AV:A/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Symantec Backup Exec versions 2010 R3 before 2010 R3 SP3 Symantec Backup Exec versions 2012 before SP2

Description The issue affects the NDMP protocol implementation, allowing remote authenticated users to obtain sensitive host-version information.

Recommendations For Symantec Backup Exec versions 2010 R3 before 2010 R3 SP3, update to 2010 R3 SP3. For Symantec Backup Exec versions 2012 before SP2, update to SP2.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2013-4678

Affected Products

Symantec Backup Exec

PT-2013-5128 · Symantec · Symantec Backup Exec

CVE-2013-4678

Weakness Enumeration

Related Identifiers

Affected Products

References · 3