漏洞类别:Local
漏洞等级: 
漏洞信息
EMC NetWorker is a suite of enterprise level data protection software that unifies and automates backup to tape, disk-based, and flash-based storage media across physical and virtual environments for granular and disaster recovery.
A remote attacker from a NetWorker instance may execute commands, unauthenticated, on another NetWorker instance due to an unsafe authentication mechanism.
Affected Version
EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6
漏洞危害
On successful exploitation it allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance.
解决方案
Solution to this issue is available. It is recommended to upgrade to following versions as they contains the fix.
EMC NetWorker version 8.2.2.6
EMC NetWorker version 8.2.3
EMC Networker version 9.0.0.6
Customers can download software from here.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论