CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
9.5%
Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via direct access to these files.
Vendor | Product | Version | CPE |
---|---|---|---|
symantec | backup_exec | 2010 | cpe:2.3:a:symantec:backup_exec:2010:*:*:*:*:*:*:* |
symantec | backup_exec | 2010_r3 | cpe:2.3:a:symantec:backup_exec:2010_r3:sp1:*:*:*:*:*:* |
symantec | backup_exec | 2010_r3 | cpe:2.3:a:symantec:backup_exec:2010_r3:sp2:*:*:*:*:*:* |
symantec | backup_exec | 2012 | cpe:2.3:a:symantec:backup_exec:2012:*:*:*:*:*:*:* |
symantec | backup_exec | 2012 | cpe:2.3:a:symantec:backup_exec:2012:sp1:*:*:*:*:*:* |