4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
54.5%
The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 does
not properly enforce ACL rules, which allows remote authenticated users to
obtain resource dump information via unspecified vectors.