Improper ACL Enforcement in Bacula Allows Unauthorized Resource Dump Access

Improper ACL Enforcement in Bacula Allows Unauthorized Resource Dump Access

CVE-2012-4430 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors.

Learn more about our User Device Pen Test.