CA.BrightStor.ARCserve.Backup.caloggerd.Arbitrary.File.Write

description-logoDescription

This indicates an attempt to exploit a path-traversal vulnerability in BrightStor ARCServe Backup.
The vulnerability is caused by a parameter-check error in the caloggerd daemon. It allows a remote attacker to add arbitrary content to the victim's system by sending a special parameter.

affected-products-logoAffected Products

CA BrightStor ARCServe Backup 11.0
CA BrightStor ARCServe Backup 11.1
CA BrightStor ARCServe Backup 11.5

Impact logoImpact

System compromise: remote code execution.

recomended-action-logoRecommended Actions

Apply the latest update from the vendor at the following website:
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)