Vulnerability in Emc Networker

CVE-2013-0940

The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

EPSS: 0.000 (9.9th percentile) — read the EPSS interpretation.

Affected products

Emc Networker — versions 6.0, 6.1, 7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

20130502 ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability (mailing-list, x_refsource_BUGTRAQ)