Vulnerability Details : CVE-2011-1421
EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors.
Products affected by CVE-2011-1421
- cpe:2.3:a:emc:networker:7.5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.5.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6:sp1:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:networker:7.6:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1421
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1421
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
CWE ids for CVE-2011-1421
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1421
-
http://securitytracker.com/id?1025383
EMC NetWorker Incorrect Permissions Let Local Users Gain Elevated Privileges - SecurityTracker
-
http://www.securityfocus.com/archive/1/517532/100/0/threaded
SecurityFocus
-
http://securityreason.com/securityalert/8214
EMC NetWorker arbitrary code execution with elevated privileges vulnerability - CXSecurity.com
-
http://www.securityfocus.com/bid/47410
EMC NetWorker Unspecified File Remote Code Execution Vulnerability
-
http://www.vupen.com/english/advisories/2011/1025
Webmail | OVH- OVHVendor Advisory
Jump to