Vulnerability in Emc Networker

CVE-2011-1421

EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors.

EPSS: 0.000 (14.3th percentile) — read the EPSS interpretation.

Affected products

Emc Networker — versions 7.5.2.0, 7.5.2.1, 7.5.2.2
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

ADV-2011-1025 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
1025383 (vdb-entry, x_refsource_SECTRACK)
8214 (x_refsource_SREASON, third-party-advisory)
20110418 ESA-2011-013: EMC NetWorker arbitrary code execution with elevated privileges vulnerability (mailing-list, x_refsource_BUGTRAQ)
47410 (vdb-entry, x_refsource_BID)
44237 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)