CVE-2011-1421
First published: Fri Apr 22 2011(Updated: )
EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NetWorker | =7.5.2.0 | |
| NetWorker | =7.5.2.1 | |
| NetWorker | =7.5.2.2 | |
| NetWorker | =7.5.2.3 | |
| NetWorker | =7.5.2.4 | |
| NetWorker | =7.5.3 | |
| NetWorker | =7.5.3.1 | |
| NetWorker | =7.5.3.2 | |
| NetWorker | =7.5.3.3 | |
| NetWorker | =7.5.3.4 | |
| NetWorker | =7.5.3.5 | |
| NetWorker | =7.5.4 | |
| NetWorker | =7.5.4.1 | |
| NetWorker | =7.5.4.2 | |
| NetWorker | =7.6 | |
| NetWorker | =7.6-sp1 | |
| NetWorker | =7.6.0.2 | |
| NetWorker | =7.6.0.3 | |
| NetWorker | =7.6.0.4 | |
| NetWorker | =7.6.0.5 | |
| NetWorker | =7.6.0.6 | |
| NetWorker | =7.6.0.7 | |
| NetWorker | =7.6.0.8 | |
| NetWorker | =7.6.0.9 | |
| NetWorker | =7.6.1 | |
| NetWorker | =7.6.1.1 | |
| NetWorker | =7.6.1.2 | |
| NetWorker | =7.6.1.3 | |
| NetWorker | =7.6.1.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-1421?
CVE-2011-1421 has been rated as a high severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2011-1421?
To mitigate CVE-2011-1421, ensure you upgrade to EMC NetWorker version 7.5.4.3 or 7.6.1.5 or later.
What versions of EMC NetWorker are affected by CVE-2011-1421?
CVE-2011-1421 affects EMC NetWorker versions 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5.
Can local users exploit CVE-2011-1421?
Yes, local users can exploit CVE-2011-1421 due to weak permissions associated with an unspecified file.
What impact does CVE-2011-1421 have on system security?
CVE-2011-1421 can allow unauthorized users to gain elevated privileges on systems running vulnerable versions of EMC NetWorker.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/emc
- canonical/networker
- version/networker/7.5.2.0
- version/networker/7.5.2.1
- version/networker/7.5.2.2
- version/networker/7.5.2.3
- version/networker/7.5.2.4
- version/networker/7.5.3
- version/networker/7.5.3.1
- version/networker/7.5.3.2
- version/networker/7.5.3.3
- version/networker/7.5.3.4
- version/networker/7.5.3.5
- version/networker/7.5.4
- version/networker/7.5.4.1
- version/networker/7.5.4.2
- version/networker/7.6
- version/networker/7.6-sp1
- version/networker/7.6.0.2
- version/networker/7.6.0.3
- version/networker/7.6.0.4
- version/networker/7.6.0.5
- version/networker/7.6.0.6
- version/networker/7.6.0.7
- version/networker/7.6.0.8
- version/networker/7.6.0.9
- version/networker/7.6.1
- version/networker/7.6.1.1
- version/networker/7.6.1.2
- version/networker/7.6.1.3
- version/networker/7.6.1.4