VDB
CVE-2005-0357
CVE-2005-0357
PUBLISHED
CVSS 7.5 HIGH
EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
EPSS 17.71% · 95.3th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
17.71%
95.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| sun | solstice_backup | 6.1, 6.0 |
| emc | legato_networker | 6.1, 7.2, 7.13 |
| sun | storedge_enterprise_backup_software | 7.1, 7.2, 7.0 |
| n/a | n/a | n/a |
Timeline
- Aug 20, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- 16470 third-party-advisory
- 16464 third-party-advisory
- 18800 vdb
- 1014713 vdb
- 14582 vdb
- http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm url
- 101886 vendor-advisory
- legato-authunix-bypass-authentication(21887) vdb
- VU#606857 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2005-0357 advisory