CVE Vulnerabilities

CVE-2013-4677

Published: Aug 05, 2013 | Modified: Aug 22, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:L/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via direct access to these files.

Affected Software

Name Vendor Start Version End Version
Backup_exec Symantec 2010 2010
Backup_exec Symantec 2010_r3 2010_r3
Backup_exec Symantec 2010_r3 2010_r3
Backup_exec Symantec 2012 2012
Backup_exec Symantec 2012 2012

References