- Description
- nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
- nvd@nist.gov
- CWE-399
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:legato_networker:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C2D787A-DCA0-45CE-A5C3-41850970B468"
},
{
"criteria": "cpe:2.3:a:emc:legato_networker:7.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4FA00514-6EFF-4BE4-A49E-30C4FF42998B"
},
{
"criteria": "cpe:2.3:a:emc:legato_networker:7.2_build172:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E0DFF6E-6234-4C04-AD61-BDB52CFFF7EF"
}
],
"operator": "OR"
}
]
}
]