Vulnerability Name: | CVE-2008-2512 (CCN-42714) | ||||||||
Assigned: | 2008-05-28 | ||||||||
Published: | 2008-05-28 | ||||||||
Updated: | 2017-08-08 | ||||||||
Summary: | Directory traversal vulnerability in Symantec Backup Exec System Recovery Manager 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to read arbitrary files via unspecified vectors. | ||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N) 4.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)
4.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-22 | ||||||||
Vulnerability Consequences: | Obtain Information | ||||||||
References: | Source: MITRE Type: CNA CVE-2008-2512 Source: CCN Type: SA30432 Symantec Backup Exec System Recovery Manager Directory Traversal Source: SECUNIA Type: Patch, Vendor Advisory 30432 Source: CCN Type: SYM08-013 Symantec Backup Exec System Recovery Manager - Directory Traversal Vulnerability Source: CONFIRM Type: Patch http://securityresponse.symantec.com/avcenter/security/Content/2008.05.28c.html Source: CCN Type: SECTRACK ID: 1020128 Symantec Backup Exec System Recovery Manager Directory Traversal Bug Lets Remote Users Gain Access to the Target System Source: CCN Type: OSVDB ID: 45680 Symantec Backup Exec System Recovery Manager Traversal Arbitrary File Access Source: BID Type: UNKNOWN 29350 Source: CCN Type: BID-29350 Symantec Backup Exec System Recovery Manager Directory Traversal Vulnerability Source: SECTRACK Type: UNKNOWN 1020128 Source: VUPEN Type: UNKNOWN ADV-2008-1686 Source: XF Type: UNKNOWN recoverymanager-unspecified-dir-traversal(42714) Source: XF Type: UNKNOWN recoverymanager-unspecified-dir-traversal(42714) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |