[email protected]CVE-2012-2971

HistoryOct 20, 2012 - 10:41 a.m.

CVE-2012-2971

2012-10-2010:41:00

CWE-94

[email protected]

web.nvd.nist.gov

137

cve-2012-2971

ca arcserve backup

windows

rpc

remote code execution

denial of service

nvd

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.592 Medium

EPSS

Percentile

97.7%

JSON

The server in CA ARCserve Backup r12.5, r15, and r16 on Windows does not properly process RPC requests, which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted request.

References

osvdb.org/86416

packetstormsecurity.com/files/119543/Security-Notice-For-CA-ARCserve-Backup.html

seclists.org/fulldisclosure/2013/Jan/86

secunia.com/advisories/51012

exchange.xforce.ibmcloud.com/vulnerabilities/79476

support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BF9EEA31E-8089-423E-B746-41B5C9DD2AC1%7D

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.592 Medium

EPSS

Percentile

97.7%

JSON

Related for CVE-2012-2971

checkpoint_advisories1 saint4 prion1 cert1 cvelist1 securityvulns2 nessus2 openvas2