{ "id": "CVE-2011-1421", "sourceIdentifier": "security_alert@emc.com", "published": "2011-04-22T10:55:02.110", "lastModified": "2018-10-09T19:30:51.613", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors." }, { "lang": "es", "value": "EMC NetWorker v7.5.x anterior a v7.5.4.3 y v7.6.x anterior a v7.6.1.5, cuando la funci\u00f3n Client Push cliente est\u00e1 habilitada, utiliza permisos d\u00e9biles para un archivo no especificado, lo que permite a usuarios locales conseguir privilegios a trav\u00e9s de vectores desconocidos." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 6.9 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 3.4, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-264" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B5B48E6E-E5C8-4C1A-BAB5-5BE136B611E4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FF03F62F-1633-405A-8B08-D5F7145A7174" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C7271CDF-1D20-4942-A32C-39C1FDC2D265" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3436A42F-F1DF-4FFD-877A-308057A5F8C3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "A1A23D19-38B0-46A8-A26C-3250632D6E4E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "64F9AE15-2B14-4D76-83C2-0A7125F16D4C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CA7C510-9011-4CAE-A270-F730308BF239" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6105BB6A-22C4-4725-848A-281A7BF79725" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "AD5FA049-FAE2-498D-BE11-213C55872BAC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "2EA36CB9-307F-44B8-8CA0-41BDFE2F14FD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "17DE514C-CFCB-429B-B512-214310A80611" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "D64B74C8-38FD-4D28-950F-C3F2DE942980" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "73C726F9-6433-4236-8C57-D4232458B955" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.5.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "010991D9-9112-4B8B-8DE0-58ECF49A44F6" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "72846905-B210-4FC5-9B33-44901DEEFE37" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6:sp1:*:*:*:*:*:*", "matchCriteriaId": "89324C33-21D3-463A-9C52-C495F3DC3CD7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "D87038FD-8115-4024-AB82-EFB0EF5B1C98" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "985DDA57-DA2C-4EC7-BD42-F0B5E190DBF8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D2CFD5DF-BCD0-46C6-B18E-60465A6318BA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "D68C4BE8-A053-46F3-B9F3-DDE3451F30B0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "2335F8A5-30E3-4452-8FFA-1ED185917313" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "A3A22B0B-E8C4-47AB-B276-E8E38BDDE818" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "5FA7C02D-DA10-4B9D-83C9-98BBE81E6166" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "121F391B-295D-4684-A7F4-C91C57033532" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2B8771B6-D668-47B7-B114-E6E111A2A322" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4D8BE130-4CA6-4690-AB01-59A50EB8B997" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "ECE180DF-44A3-49FA-865E-774D51E2F574" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2EFDC5AA-A5F9-4F98-88CA-E83323C26255" }, { "vulnerable": true, "criteria": "cpe:2.3:a:emc:networker:7.6.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "731868F9-F611-442B-85B6-8E5C7A963DBA" } ] } ] } ], "references": [ { "url": "http://securityreason.com/securityalert/8214", "source": "security_alert@emc.com" }, { "url": "http://securitytracker.com/id?1025383", "source": "security_alert@emc.com" }, { "url": "http://www.securityfocus.com/archive/1/517532/100/0/threaded", "source": "security_alert@emc.com" }, { "url": "http://www.securityfocus.com/bid/47410", "source": "security_alert@emc.com" }, { "url": "http://www.vupen.com/english/advisories/2011/1025", "source": "security_alert@emc.com", "tags": [ "Vendor Advisory" ] } ] }