The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors.
CVSS Score
4.0
EPSS Score
0.006
Published
2012-10-10