CVE-2011-3011

UNRATED

High EPSS

Description

BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors.

Affected products

ca / arcserve_d2dr15 – r15

References

MISChttp://securityreason.com/securityalert/8338
MISChttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B7D3ACC0F-6C01-4BE2-B5C0-C430CEB45BE6%7D
MISChttp://www.securityfocus.com/archive/1/519234/100/0/threaded
MISChttp://www.securityfocus.com/bid/48897