Unrated severityNVD Advisory· Published Aug 5, 2013· Updated Jun 16, 2026
CVE-2013-4677
CVE-2013-4677
Description
Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via direct access to these files.
Affected products
6cpe:2.3:a:symantec:backup_exec:2010:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:symantec:backup_exec:2010:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:backup_exec:2010_r3:sp1:*:*:*:*:*:*
- cpe:2.3:a:symantec:backup_exec:2010_r3:sp2:*:*:*:*:*:*
- cpe:2.3:a:symantec:backup_exec:2012:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:backup_exec:2012:sp1:*:*:*:*:*:*
- (no CPE)range: 2010 R3 < SP3, 2012 < SP2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.