Vulnerability Description
The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified vectors.
CVSS Score
2.7
LOW
AV:A/AC:L/Au:S/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Backup Exec | 2010 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/61488
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securitVendor Advisory
- http://www.securityfocus.com/bid/61488
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securitVendor Advisory
FAQ
What is CVE-2013-4678?
CVE-2013-4678 is a vulnerability with a CVSS score of 2.7 (LOW). The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified v...
How severe is CVE-2013-4678?
CVE-2013-4678 has been rated LOW with a CVSS base score of 2.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4678?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Backup Exec.