Описание
EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Patch
- PatchVendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- Patch
- Patch
- PatchVendor Advisory
- Vendor Advisory
- Patch
- PatchVendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:emc:legato_networker:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:emc:legato_networker:6.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:legato_networker:6.1:*:*:*:*:*:*:*
cpe:2.3:a:emc:legato_networker:7.2:*:*:*:*:*:*:*
cpe:2.3:a:emc:legato_networker:7.13:*:*:*:*:*:*:*
cpe:2.3:a:sun:solstice_backup:6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:solstice_backup:6.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:storedge_enterprise_backup_software:7.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:storedge_enterprise_backup_software:7.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:storedge_enterprise_backup_software:7.2:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.17713
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
EPSS
Процентиль: 95%
0.17713
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other