CVE-2012-2971

critical

Description

The server in CA ARCserve Backup r12.5, r15, and r16 on Windows does not properly process RPC requests, which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted request.

References

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BF9EEA31E-8089-423E-B746-41B5C9DD2AC1%7D

https://exchange.xforce.ibmcloud.com/vulnerabilities/79476

http://secunia.com/advisories/51012

http://seclists.org/fulldisclosure/2013/Jan/86

http://packetstormsecurity.com/files/119543/Security-Notice-For-CA-ARCserve-Backup.html

http://osvdb.org/86416

Details

Source: Mitre, NVD

Published: 2012-10-20

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.03288

Detections

Analytics