Lucene search
DellCVE-2013-0940HistoryMay 03, 2013 - 11:57 a.m.
CVE-2013-0940
2013-05-0311:57:41
CWE-264
dell
web.nvd.nist.gov
29
emc networker
nsrpush process
weak permissions
cve-2013-0940
nvd
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0
Percentile
5.1%
The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.
Affected configurations
Node
emcnetworkerRange≤7.6.5.2
ORemcnetworkerMatch6.0
ORemcnetworkerMatch6.1
ORemcnetworkerMatch7.0
ORemcnetworkerMatch7.2
ORemcnetworkerMatch7.3
ORemcnetworkerMatch7.3.2
ORemcnetworkerMatch7.4
ORemcnetworkerMatch7.4sp1
ORemcnetworkerMatch7.4sp2
ORemcnetworkerMatch7.4sp3
ORemcnetworkerMatch7.4sp4
ORemcnetworkerMatch7.4sp5
ORemcnetworkerMatch7.4.5.4
ORemcnetworkerMatch7.4.5.5
ORemcnetworkerMatch7.4.5.6
ORemcnetworkerMatch7.4.5.10
ORemcnetworkerMatch7.5
ORemcnetworkerMatch7.5sp1
ORemcnetworkerMatch7.5sp2
ORemcnetworkerMatch7.5sp3
ORemcnetworkerMatch7.5.2.0
ORemcnetworkerMatch7.5.2.1
ORemcnetworkerMatch7.5.2.2
ORemcnetworkerMatch7.5.2.3
ORemcnetworkerMatch7.5.2.4
ORemcnetworkerMatch7.5.3
ORemcnetworkerMatch7.5.3.1
ORemcnetworkerMatch7.5.3.2
ORemcnetworkerMatch7.5.3.3
ORemcnetworkerMatch7.5.3.4
ORemcnetworkerMatch7.5.3.5
ORemcnetworkerMatch7.5.4
ORemcnetworkerMatch7.5.4.1
ORemcnetworkerMatch7.5.4.2
ORemcnetworkerMatch7.5.4.3
ORemcnetworkerMatch7.5.4.4
ORemcnetworkerMatch7.5.4.5
ORemcnetworkerMatch7.5.4.6
ORemcnetworkerMatch7.5.4.7
ORemcnetworkerMatch7.6.0.2
ORemcnetworkerMatch7.6.0.3
ORemcnetworkerMatch7.6.0.4
ORemcnetworkerMatch7.6.0.5
ORemcnetworkerMatch7.6.0.6
ORemcnetworkerMatch7.6.0.7
ORemcnetworkerMatch7.6.0.8
ORemcnetworkerMatch7.6.0.9
ORemcnetworkerMatch7.6.1
ORemcnetworkerMatch7.6.1.1
ORemcnetworkerMatch7.6.1.2
ORemcnetworkerMatch7.6.1.3
ORemcnetworkerMatch7.6.1.4
ORemcnetworkerMatch7.6.1.5
ORemcnetworkerMatch7.6.3
ORemcnetworkerMatch7.6.4
ORemcnetworkerMatch7.6.4.1
ORemcnetworkerMatch7.6.4.2
ORemcnetworkerMatch7.6.4.3
ORemcnetworkerMatch7.6.4.4
ORemcnetworkerMatch7.6.4.5
ORemcnetworkerMatch7.6.5
Node
emcnetworkerMatch8.0
ORemcnetworkerMatch8.0.0.1
ORemcnetworkerMatch8.0.0.2
ORemcnetworkerMatch8.0.0.3
ORemcnetworkerMatch8.0.0.4
ORemcnetworkerMatch8.0.0.5
ORemcnetworkerMatch8.0.0.6
ORemcnetworkerMatch8.0.1.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| emc | networker | * | cpe:2.3:a:emc:networker:*:*:*:*:*:*:*:* |
| emc | networker | 6.0 | cpe:2.3:a:emc:networker:6.0:*:*:*:*:*:*:* |
| emc | networker | 6.1 | cpe:2.3:a:emc:networker:6.1:*:*:*:*:*:*:* |
| emc | networker | 7.0 | cpe:2.3:a:emc:networker:7.0:*:*:*:*:*:*:* |
| emc | networker | 7.2 | cpe:2.3:a:emc:networker:7.2:*:*:*:*:*:*:* |
| emc | networker | 7.3 | cpe:2.3:a:emc:networker:7.3:*:*:*:*:*:*:* |
| emc | networker | 7.3.2 | cpe:2.3:a:emc:networker:7.3.2:*:*:*:*:*:*:* |
| emc | networker | 7.4 | cpe:2.3:a:emc:networker:7.4:*:*:*:*:*:*:* |
| emc | networker | 7.4 | cpe:2.3:a:emc:networker:7.4:sp1:*:*:*:*:*:* |
| emc | networker | 7.4 | cpe:2.3:a:emc:networker:7.4:sp2:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2013-0940
2013-05-03 10:00:00
nvd
nvd
CVE-2013-0940
2013-05-03 11:57:41
prion
prion
Code injection
2013-05-03 11:57:00
securityvulns
securityvulns
EMC Networker privilege escalation
2013-05-04 00:00:00
nessus
nessus
EMC NetWorker nsrpush Process Local Privilege Escalation
2013-09-19 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2013-0940