VYPR
Unrated severityNVD Advisory· Published Aug 5, 2013· Updated Jun 16, 2026

CVE-2013-4677

CVE-2013-4677

Description

Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via direct access to these files.

Affected products

6
  • cpe:2.3:a:symantec:backup_exec:2010:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:symantec:backup_exec:2010:*:*:*:*:*:*:*
    • cpe:2.3:a:symantec:backup_exec:2010_r3:sp1:*:*:*:*:*:*
    • cpe:2.3:a:symantec:backup_exec:2010_r3:sp2:*:*:*:*:*:*
    • cpe:2.3:a:symantec:backup_exec:2012:*:*:*:*:*:*:*
    • cpe:2.3:a:symantec:backup_exec:2012:sp1:*:*:*:*:*:*
    • (no CPE)range: 2010 R3 < SP3, 2012 < SP2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.