Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2007-5328

Published: Oct 13, 2007 | Modified: Apr 07, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2007-5328
CWEhttps://cwe.mitre.org/data/definitions/264.html

The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain insecure method calls to modify the file system and registry, aka Privileged function exposure.

Affected Software

Name Vendor Start Version End Version
Brightstor_arcserve_backup Broadcom 10.5 10.5
Brightstor_arcserve_backup Broadcom 11.5 11.5
Brightstor_arcserve_backup Broadcom 11 11
Brightstor_arcserve_backup Broadcom 11.1 11.1
Brightstor_arcserve_backup Broadcom 9.01 9.01
Brightstor_enterprise_backup Broadcom 10.5 10.5

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2023 Aqua Security Software Ltd.   Privacy Policy | Terms of Use