Vulnerability Description
Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec Veritas | Backup Exec | <= 8.5 |
References
- http://marc.info/?l=bugtraq&m=103134395124579&w=2
- http://marc.info/?l=bugtraq&m=103134930629683&w=2
- http://seer.support.veritas.com/docs/238618.htm
- http://www.osvdb.org/8230
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10093
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://marc.info/?l=bugtraq&m=103134395124579&w=2
- http://marc.info/?l=bugtraq&m=103134930629683&w=2
- http://seer.support.veritas.com/docs/238618.htm
- http://www.osvdb.org/8230
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10093
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2002-1117?
CVE-2002-1117 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares.
How severe is CVE-2002-1117?
CVE-2002-1117 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1117?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Veritas Backup Exec.