CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
5.1%
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file.
Vendor | Product | Version | CPE |
---|---|---|---|
symantec | backupexec_system_recovery | 6.5 | cpe:2.3:a:symantec:backupexec_system_recovery:6.5:*:*:*:*:*:*:* |
symantec | backupexec_system_recovery | 6.52 | cpe:2.3:a:symantec:backupexec_system_recovery:6.52:*:*:*:*:*:*:* |
symantec | backupexec_system_recovery | 6.52a | cpe:2.3:a:symantec:backupexec_system_recovery:6.52a:*:*:*:*:*:*:* |
symantec | backupexec_system_recovery | 6.53 | cpe:2.3:a:symantec:backupexec_system_recovery:6.53:*:*:*:*:*:*:* |
symantec | livestate_recovery | 6.0 | cpe:2.3:a:symantec:livestate_recovery:6.0:*:*:*:*:*:*:* |
symantec | livestate_recovery | 6.01 | cpe:2.3:a:symantec:livestate_recovery:6.01:*:*:*:*:*:*:* |
symantec | livestate_recovery | 6.02 | cpe:2.3:a:symantec:livestate_recovery:6.02:*:*:*:*:*:*:* |
symantec | norton_ghost | 10.0 | cpe:2.3:a:symantec:norton_ghost:10.0:*:*:*:*:*:*:* |
symantec | norton_ghost | 10.0 | cpe:2.3:a:symantec:norton_ghost:10.0:*:dell:*:*:*:*:* |
symantec | norton_ghost | 10.0 | cpe:2.3:a:symantec:norton_ghost:10.0:*:norton_system_works:*:*:*:*:* |