Описание
The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\VxSvc\CurrentVersion\Schedules specifying future command execution.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:symantec:veritas_storage_foundation:5.0:*:windows:*:*:*:*:*
EPSS
Процентиль: 94%
0.1309
Средний
9.3 Critical
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\VxSvc\CurrentVersion\Schedules specifying future command execution.
EPSS
Процентиль: 94%
0.1309
Средний
9.3 Critical
CVSS2
Дефекты
CWE-264