Have several remote servers running Symantec Backup Exec For windows Servers 11d and receiving alerts through our IPS when it is trying to communicate back to our domain controller. The alert received is
Event Type Details: Symantec Storage Foundation for Windows VxSchedService.exe Authentication Bypass Vulnerability
Symantec Storage Foundation for Windows versions 5.0, 5.0 RP1a, and 5.1 contain a vulnerability that could alLow an unauthenticated, remote attacker to execute arbitrary code. The vulnerability is due to an error in the Storage Foundation for Windows Scheduler Service. An unauthenticated, remote attacker could exploit this vulnerability by establishing a connection to the affected service via TCP port 4888. The attacker could leverage this access to execute arbitrary by modifying the system registry with elevated privileges. Symantec has confirmed this vulnerability and released updated software.
Wondering if this product has same velnerability because it may use service as Symantec Storage Foundation but can find nothing regarding this.
Any help would be appreicated.
