CVE-2008-5415

3 documents3 sources

Severity

10.0CRITICAL

EPSS

15.6%

top 5.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Arcserve Backup CA Arcserve Backup

Timeline

PublishedDec 11

Latest updateMay 13

Description

The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDca/arcserve_backupr11.1, r11.5+1

▶NVDbroadcom/arcserve_backupr12.0

Patches

Patch: support.ca.com ↗Patch: support.ca.com ↗

🔴Vulnerability Details

GHSA

GHSA-c74w-35f7-3qm7: The LDBserver service in the server in CA ARCserve Backup 11↗2022-05-13

▶

CVEList

CVE-2008-5415: The LDBserver service in the server in CA ARCserve Backup 11↗2008-12-11

▶