9.4

CVE-2008-5407

EPSS 1.39%
Published 10.12.2008 06:44:42
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple unspecified vulnerabilities in the Backup Exec remote-agent logon process in Symantec Backup Exec for Windows Servers 11.0 (aka 11d) builds 6235 and 7170, 12.0 build 1364, and 12.5 build 2213 allow remote attackers to bypass authentication, and read or delete files, via unknown vectors.

Affected products Warnungen 0 Metrics 2 CWE 1 References 10

Data is provided by the National Vulnerability Database (NVD)

Symantec ≫ Backup Exec For Windows Server Version11d Update11.0.6235

Symantec ≫ Backup Exec For Windows Server Version11d Update11.0.7170

Symantec ≫ Backup Exec For Windows Server Version12.0 Update12.0.1364

Symantec ≫ Backup Exec For Windows Server Version12.5 Update12.5.2213

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.39%	0.785

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.4	10	9.2	AV:N/AC:L/Au:N/C:C/I:N/A:C

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://secunia.com/advisories/32810

Patch

Vendor Advisory

http://securityresponse.symantec.com/avcenter/security/Content/2008.11.19.html

Patch

Vendor Advisory

http://seer.entsupport.symantec.com/docs/314528.htm

Patch

Vendor Advisory

http://www.securityfocus.com/bid/32347

http://www.securitytracker.com/id?1021246

http://www.vupen.com/english/advisories/2008/3209

https://exchange.xforce.ibmcloud.com/vulnerabilities/46730

https://nvd.nist.gov/vuln/detail/CVE-2008-5407

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-5407

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-5407

EUVD