Lucene search

[email protected]CVE-2011-3011

HistoryAug 15, 2011 - 7:55 p.m.

CVE-2011-3011

2011-08-1519:55:04

CWE-200

[email protected]

web.nvd.nist.gov

ca arcserve d2d r15

baseserviceimpl.class

remote code execution

cve-2011-3011

nvd

security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

Low

0.948 High

EPSS

Percentile

99.3%

JSON

BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors.

Affected configurations

NVD

Node

caarcserve_d2dMatchr15

CPENameOperatorVersion
ca:arcserve_d2dca arcserve d2deqr15

CPE	Name	Operator	Version
ca:arcserve_d2d	ca arcserve d2d	eq	r15

References

securityreason.com/securityalert/8338

www.securityfocus.com/archive/1/519234/100/0/threaded

www.securityfocus.com/bid/48897

support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B7D3ACC0F-6C01-4BE2-B5C0-C430CEB45BE6%7D

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

Low

0.948 High

EPSS

Percentile

99.3%

JSON

Related for CVE-2011-3011

nessus1 openvas1 checkpoint_advisories2 nvd1 securityvulns1 zdt1 prion1 cvelist1 dsquare1