CVE-2005-0358

EPSS 17.89%
Veröffentlicht 23.08.2005 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cret@cert.org
Teams Watchlist Login
Unerledigt Login

EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Emc ≫ Legato Networker Version4.2.2

Emc ≫ Legato Networker Version6.0

Emc ≫ Legato Networker Version6.1

Emc ≫ Legato Networker Version7.2

Emc ≫ Legato Networker Version7.13

Sun ≫ Solstice Backup Version6.0

Sun ≫ Solstice Backup Version6.1

Sun ≫ Storedge Enterprise Backup Software Version7.0

Sun ≫ Storedge Enterprise Backup Software Version7.1

Sun ≫ Storedge Enterprise Backup Software Version7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	17.89%	0.946

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/16464

Patch

Vendor Advisory

http://secunia.com/advisories/16470

Vendor Advisory

http://securitytracker.com/id?1014713

Patch

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1

Patch

Vendor Advisory

http://www.securityfocus.com/bid/14582

Patch

Vendor Advisory

http://www.kb.cert.org/vuls/id/407641

Patch

Third Party Advisory

US Government Resource

http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm

http://www.osvdb.org/18801

https://exchange.xforce.ibmcloud.com/vulnerabilities/21892

https://nvd.nist.gov/vuln/detail/CVE-2005-0358

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-0358

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-0358

EUVD