Vulnerability Details CVE-2011-3011
BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.66
EPSS Ranking 98.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://securityreason.com/securityalert/8338
- http://www.securityfocus.com/archive/1/519234/100/0/threaded
- http://www.securityfocus.com/bid/48897
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B7D3ACC0F-6C01-4BE2-B5C0-C430CEB45BE6%7D
- http://securityreason.com/securityalert/8338
- http://www.securityfocus.com/archive/1/519234/100/0/threaded
- http://www.securityfocus.com/bid/48897
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B7D3ACC0F-6C01-4BE2-B5C0-C430CEB45BE6%7D
Products affected by CVE-2011-3011
-
cpe:2.3:a:ca:arcserve_d2d:r15