CVE-2007-5328
Published Oct 13, 2007
Last updated 4 years ago
Overview
- Description
- The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain "insecure method calls" to modify the file system and registry, aka "Privileged function exposure."
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14"
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "443AB333-2C99-42FF-8F4E-A487BF588E85"
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C339825-77F9-478A-B1F7-A297D5715396"
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36"
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414"
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597"
}
],
"operator": "OR"
}
]
}
]