Vulnerability Details : CVE-2007-2360
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key.
Products affected by CVE-2007-2360
- cpe:2.3:a:symantec:norton_ghost:10.0:*:norton_system_works:*:*:*:*:*
- cpe:2.3:a:symantec:norton_ghost:10.01:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_ghost:10.0:*:dell:*:*:*:*:*
- cpe:2.3:a:symantec:backupexec_system_recovery:6.52:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:backupexec_system_recovery:6.52a:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:backupexec_system_recovery:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:backupexec_system_recovery:6.53:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:livestate_recovery:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:livestate_recovery:6.01:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:livestate_recovery:6.02:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_save_and_recovery:11.01b:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_save_and_recovery:1.01:*:sony_euro:*:*:*:*:*
- cpe:2.3:a:symantec:norton_save_and_recovery:1.01b:*:norton_system_works_2007:*:*:*:*:*
- cpe:2.3:a:symantec:norton_save_and_recovery:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_save_and_recovery:11.01:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-2360
0.23%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 42 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-2360
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:L/AC:L/Au:S/C:C/I:C/A:C |
3.1
|
10.0
|
NIST |
References for CVE-2007-2360
Jump to