4.3

CVE-2013-4677

Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via direct access to these files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SymantecBackup Exec Version2010
SymantecBackup Exec Version2010_r3 Updatesp1
SymantecBackup Exec Version2010_r3 Updatesp2
SymantecBackup Exec Version2012
SymantecBackup Exec Version2012 Updatesp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.32% 0.239
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 3.1 6.4
AV:L/AC:L/Au:S/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130801_00
Vendor Advisory
http://osvdb.org/95939
http://www.securityfocus.com/bid/61487