CVE-2013-4678

CWE-200 — Information Exposure3 documents3 sources

Severity

2.7LOW

EPSS

0.1%

top 71.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Backup Exec

Timeline

PublishedAug 5

Latest updateMay 17

Description

The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified vectors.

CVSS vector

AV:A/AC:L/C:P/I:N/A:NExploitability: 5.1 | Impact: 2.9

Affected Packages1 packages

▶NVDsymantec/backup_exec2010, 2010_r3, 2012+2

🔴Vulnerability Details

GHSA

GHSA-4wwr-4536-fchr: The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain se↗2022-05-17

▶

CVEList

CVE-2013-4678: The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain se↗2013-08-04

▶