7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.592 Medium
EPSS
Percentile
97.8%
Added: 11/09/2012
CVE: CVE-2012-2971
BID: 56116
OSVDB: 86416
CA ARCserve Backup (formerly BrightStor ARCserve Backup) is a backup and recovery solution.
An invalid virtual function call in the authentication service allows remote attackers to execute arbitrary commands.
Apply one of the patches described in CA20121018-01.
<http://secunia.com/advisories/51012/>
Exploit works on CA ARCserve Backup r16 on Windows Server 2003 SP2 English (DEP AlwaysOff).
Windows