Release DateDec 23, 2011 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can run arbitrary commands on vulnerable systems. |
DescriptionThis indicates a possible attack against a Command Injection vulnerability in Autonomy Connected Backup.The vulnerability is due to insufficient validation of commands. A remote attacker can exploit this by sending a specially crafted Type 13 command. Successful attacks may allow attackers to execute arbitrary code on the vulnerable systems. |
Affected ProductsAutonomy Connected Backup 8.2.2 - 8.5.1 |
Recommended ActionsUpgrade to the latest version, available from the website:http://customers.autonomy.com http://digitalresourcecenter.ironmountain.com |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2011-2397 |
