CA addresses critical vulnerabilities in its backup products
CA, one of the world's largest IT management software providers, has again released an update for its BrightStor ARCserve Backup backup solution. The update resolves multiple critical vulnerabilities that could allow a remote attacker to gain complete administrative control of vulnerable systems. US-CERT (the United States Computer Emergency Readiness Team) has issued its own security advisory about the vulnerabilities and given the vulnerabilities a maximum risk rating of High.
According to CA, the vulnerabilities affect versions r11.5, r11.1, r11 for Windows and v9.01; however, BrightStor Enterprise Backup r10.5, CA Server Protection Suite r2, and CA Business Protection Suite r2 are also affected. More information regarding these vulnerabilities and available patches can be found in the CA BrightStor ARCserve Backup Security Notice.
- CA BrightStor ARCserve Backup Multiple Vulnerabilities, Security advisory by CA