Command injection

2007-10-0120:17:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.068 Low

EPSS

Percentile

93.9%

JSON

Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores.

CPENameOperatorVersion
brightstor_arcserve_backup_laptops_desktopseq4.0
brightstor_arcserve_backup_laptops_desktopseq11.5
brightstor_arcserve_backup_laptops_desktopseq11.0
brightstor_arcserve_backup_laptops_desktopseq11.1
brightstor_arcserve_backup_laptops_desktopseq11.1 sp1
desktop_management_suiteeq11.2
desktop_management_suiteeq11.0
desktop_management_suiteeq11.1
protection_suiteseq2.0.114

Name	Operator	Version
brightstor_arcserve_backup_laptops_desktops	eq	4.0
brightstor_arcserve_backup_laptops_desktops	eq	11.5
brightstor_arcserve_backup_laptops_desktops	eq	11.0
brightstor_arcserve_backup_laptops_desktops	eq	11.1
brightstor_arcserve_backup_laptops_desktops	eq	11.1 sp1
desktop_management_suite	eq	11.2
desktop_management_suite	eq	11.0
desktop_management_suite	eq	11.1
protection_suites	eq	2.0.114