CVE-2012-2972

high

Description

The (1) server and (2) agent components in CA ARCserve Backup r12.5, r15, and r16 on Windows do not properly validate RPC requests, which allows remote attackers to cause a denial of service (service crash) via a crafted request.

References

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BF9EEA31E-8089-423E-B746-41B5C9DD2AC1%7D

https://exchange.xforce.ibmcloud.com/vulnerabilities/79477

http://www.kb.cert.org/vuls/id/408099

http://secunia.com/advisories/51012

http://seclists.org/fulldisclosure/2013/Jan/86

http://packetstormsecurity.com/files/119543/Security-Notice-For-CA-ARCserve-Backup.html

http://osvdb.org/86415

Details

Source: Mitre, NVD

Published: 2012-10-20

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.04349

Detections

Analytics