Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-5332

CWE-3994 documents4 sources

Severity

10.0CRITICAL

EPSS

18.5%

top 4.76%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Broadcom Brightstor Arcserve Backup Broadcom Brightstor Enterprise Backup

Timeline

PublishedOct 13

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, have unknown impact and attack vectors related to memory corruption.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDbroadcom/brightstor_arcserve_backup5 versions+4

▶NVDbroadcom/brightstor_enterprise_backup10.5

Patches

Patch: supportconnectw.ca.com ↗Patch: supportconnectw.ca.com ↗

🔴Vulnerability Details

GHSA

GHSA-wwxv-q666-xrw2: Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9↗2022-05-01

▶

CVEList

CVE-2007-5332: Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9↗2007-10-13

▶

💥Exploits & PoCs

Exploit-DB

Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service↗2007-05-16

▶