VDB
CVE-2005-0358
CVE-2005-0358
PUBLISHED
CVSS 7.5 HIGH
EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
EPSS 17.89% · 95.3th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
17.89%
95.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| sun | storedge_enterprise_backup_software | 7.0, 7.1, 7.2 |
| emc | legato_networker | 7.2, 4.2.2, 6.0 |
| sun | solstice_backup | 6.0, 6.1 |
Timeline
- Aug 20, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- VU#407641 third-party-advisory
- 16470 third-party-advisory
- 16464 third-party-advisory
- 1014713 vdb
- http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm url
- 14582 vdb
- legato-token-gain-privileges(21892) vdb
- 101886 vendor-advisory
- 18801 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2005-0358 advisory