CVE-2007-5006
6.8 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.071 Low
EPSS
Percentile
94.0%
Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores.
References
labs.idefense.com/intelligence/vulnerabilities/display.php?id=598
secunia.com/advisories/25606
supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp
www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006
www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35677
www.securityfocus.com/archive/1/480252/100/100/threaded
www.securityfocus.com/bid/24348
www.securitytracker.com/id?1018728
Social References
More
Related
6.8 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.071 Low
EPSS
Percentile
94.0%