Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via direct access to these files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Symantec Backup Exec 本地不安全文件权限漏洞
Vulnerability Description
Symantec Backup Exec是美国赛门铁克(Symantec)公司的一套业务备份解决方案。该解决方案为虚拟和物理环境提供数据保护和系统恢复功能。 Symantec Backup Exec 2012版本和Symantec Backup Exec 2010 R3版本中存在安全漏洞,该漏洞源于程序对备份数据文件使用弱权限(设置全局可读写权限)。本地攻击者可通过直接访问这些文件利用该漏洞获得敏感信息,或修改备份数据内容。
CVSS Information
N/A
Vulnerability Type
N/A