Lucene search
SymantecCVE-2013-4677HistoryAug 05, 2013 - 1:22 p.m.
CVE-2013-4677
2013-08-0513:22:52
CWE-264
symantec
web.nvd.nist.gov
25
symantec
backup exec
weak permissions
security vulnerability
nvd
CVSS2
4.3
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
AI Score
6
Confidence
Low
EPSS
0
Percentile
9.5%
Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via direct access to these files.
Affected configurations
Node
symantecbackup_execMatch2010
ORsymantecbackup_execMatch2010_r3sp1
ORsymantecbackup_execMatch2010_r3sp2
ORsymantecbackup_execMatch2012
ORsymantecbackup_execMatch2012sp1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | backup_exec | 2010 | cpe:2.3:a:symantec:backup_exec:2010:*:*:*:*:*:*:* |
| symantec | backup_exec | 2010_r3 | cpe:2.3:a:symantec:backup_exec:2010_r3:sp1:*:*:*:*:*:* |
| symantec | backup_exec | 2010_r3 | cpe:2.3:a:symantec:backup_exec:2010_r3:sp2:*:*:*:*:*:* |
| symantec | backup_exec | 2012 | cpe:2.3:a:symantec:backup_exec:2012:*:*:*:*:*:*:* |
| symantec | backup_exec | 2012 | cpe:2.3:a:symantec:backup_exec:2012:sp1:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2013-08-05 13:22:00
cvelist
cvelist
CVE-2013-4677
2013-08-04 20:00:00
nvd
nvd
CVE-2013-4677
2013-08-05 13:22:52
nessus
nessus
Symantec Backup Exec Server Multiple Vulnerabilities (SYM13-009)
2013-08-08 00:00:00
kaspersky
kaspersky
KLA10351 Multiple vulnerabilities in Symantec Backup Exec
2013-08-05 00:00:00
CVSS2
4.3
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
AI Score
6
Confidence
Low
EPSS
0
Percentile
9.5%
Related for CVE-2013-4677