CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
9.5%
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key.
Vendor | Product | Version | CPE |
---|---|---|---|
symantec | backupexec_system_recovery | 6.5 | cpe:2.3:a:symantec:backupexec_system_recovery:6.5:*:*:*:*:*:*:* |
symantec | backupexec_system_recovery | 6.52 | cpe:2.3:a:symantec:backupexec_system_recovery:6.52:*:*:*:*:*:*:* |
symantec | backupexec_system_recovery | 6.52a | cpe:2.3:a:symantec:backupexec_system_recovery:6.52a:*:*:*:*:*:*:* |
symantec | backupexec_system_recovery | 6.53 | cpe:2.3:a:symantec:backupexec_system_recovery:6.53:*:*:*:*:*:*:* |
symantec | livestate_recovery | 6.0 | cpe:2.3:a:symantec:livestate_recovery:6.0:*:*:*:*:*:*:* |
symantec | livestate_recovery | 6.01 | cpe:2.3:a:symantec:livestate_recovery:6.01:*:*:*:*:*:*:* |
symantec | livestate_recovery | 6.02 | cpe:2.3:a:symantec:livestate_recovery:6.02:*:*:*:*:*:*:* |
symantec | norton_ghost | 10.0 | cpe:2.3:a:symantec:norton_ghost:10.0:*:dell:*:*:*:*:* |
symantec | norton_ghost | 10.0 | cpe:2.3:a:symantec:norton_ghost:10.0:*:norton_system_works:*:*:*:*:* |
symantec | norton_ghost | 10.01 | cpe:2.3:a:symantec:norton_ghost:10.01:*:*:*:*:*:*:* |