7.3 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.962 High
EPSS
Percentile
99.5%
The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain “insecure method calls” to modify the file system and registry, aka “Privileged function exposure.”
secunia.com/advisories/27192
supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp
www.securityfocus.com/archive/1/482121/100/0/threaded
www.securityfocus.com/archive/1/484229/100/0/threaded
www.securityfocus.com/bid/26015
www.securitytracker.com/id?1018805
www.vupen.com/english/advisories/2007/3470
www.zerodayinitiative.com/advisories/ZDI-07-069.html
exchange.xforce.ibmcloud.com/vulnerabilities/37067