← Back

CVE-2013-4677

nvd nist
Published: Aug 5, 2013Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:L/AC:L/Au:S/C:P/I:P/A:P
Exploitability: 3.1 / Impact: 6.4
Source: NVD

Description

Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via direct access to these files.

Affected (5)

Symantec
1 product
Backup Exec
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Symantec
Backup Exec
Version 2010
Backup Exec
Version 2010_r3 sp1
Backup Exec
Version 2010_r3 sp2
Backup Exec
Version 2012
Backup Exec
Version 2012 sp1

Related CWEs

CWE-264
CWE-264

References (6)

Source: secure@symantec.com
Source: secure@symantec.com
Source: secure@symantec.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.