Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-0546
HistoryMay 31, 2011 - 8:55 p.m.

CVE-2011-0546

2011-05-3120:55:01
CWE-20
[email protected]
web.nvd.nist.gov
3

CVSS2

6.5

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:H/Au:S/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

49.5%

JSON

Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not validate identity information sent between the media server and the remote agent, which allows man-in-the-middle attackers to execute NDMP commands via unspecified vectors.

Affected configurations

Nvd
Node
symantecbackup_execMatch11.0
OR
symantecbackup_execMatch12.0
OR
symantecbackup_execMatch12.5
OR
symantecbackup_execMatch13.0
OR
symantecbackup_execMatch13.0r2
VendorProductVersionCPE
symantecbackup_exec11.0cpe:2.3:a:symantec:backup_exec:11.0:*:*:*:*:*:*:*
symantecbackup_exec12.0cpe:2.3:a:symantec:backup_exec:12.0:*:*:*:*:*:*:*
symantecbackup_exec12.5cpe:2.3:a:symantec:backup_exec:12.5:*:*:*:*:*:*:*
symantecbackup_exec13.0cpe:2.3:a:symantec:backup_exec:13.0:*:*:*:*:*:*:*
symantecbackup_exec13.0cpe:2.3:a:symantec:backup_exec:13.0:r2:*:*:*:*:*:*

Related

prion 1
exploitdb 1
securityvulns 2
seebug 1
openvas 2
cvelist 1
cve 1
exploitpack 1
nessus 12
prion
prion
Code injection
2011-05-31 20:55:00
exploitdb
exploitdb
Symantec Backup Exec 12.5 - Man In The Middle
2011-07-09 00:00:00
securityvulns
securityvulns
Symantec Veritas Backup Exec code execution
2011-09-05 00:00:00
[security bulletin] HPSBUX02700 SSRT100506 rev.1 - HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code
2011-09-05 00:00:00
seebug
seebug
Symantec Backup Exec 12.5 MiTM Attack
2011-07-10 00:00:00
openvas
openvas
Symantec Backup Exec Products Arbitrary Command Execution vulnerability
2011-06-17 00:00:00
Symantec Backup Exec Products Arbitrary Command Execution vulnerability
2011-06-17 00:00:00
cvelist
cvelist
CVE-2011-0546
2011-05-31 20:00:00
cve
cve
CVE-2011-0546
2011-05-31 20:55:01
exploitpack
exploitpack
Symantec Backup Exec 12.5 - Man In The Middle
2011-07-09 00:00:00
nessus
nessus
Symantec Backup Exec Server Unauthorized Access (SYM11-006)
2011-06-14 00:00:00
HP-UX PHCO_42173 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)
2012-03-06 00:00:00
HP-UX PHCO_42317 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)
2012-03-06 00:00:00

CVSS2

6.5

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:H/Au:S/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

49.5%

JSON
Related for NVD:CVE-2011-0546
prion1exploitdb1securityvulns2seebug1openvas2cvelist1cve1exploitpack1nessus12