Upgrade Veritas Remote Agent 10.0.5484 to Symantec 12.5 rev 2213

jnguyen09
Level 2

Hi, I need help patching the Remote Agent after a security hole; somehow this patch was never installed.

https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1166.html

http://securityresponse.symantec.com/avcenter/security/Content/2008.11.19.html

I need this patch for version 12.5 rev 2213, but when I click on it, it is no longer available. Can anyone help by lending me the file or the hotfixes? Or is there another way to get these fixes? Or do we have a higher version of Remote Agent 12.5 rev 2213 that already has that patch applied? Thanks.

5 REPLIES

Colin_Weaver
Moderator
Employee Accredited Certified

If your company has concerns about security vulnerabilities then to be honest you need to get onto a much newer version of Backup Exec than 12.x - just thinking of a major one, 12.5 is well before we fixed the "Man in the Middle" vulnerability by introducing TLS between agent and Backup Exec server in 2010 R3 ( https://support.symantec.com/en_US/article.SYMSA1223.html ). There have been 7 major Backup Exec releases since Backup Exec 12.5 (which is why the patch downloads are no longer available for those older versions). 12.5 has been out of support since February 2015 and I suspect we stopped providing vulnerability patches for 12.5 well before that timeframe, as engineering level support for it was almost certainly dropped by August 2012.

With regard to the 12.5 download, it could not actually be used with a 10.x server, so I hope you were not still on 10.0.5484 on your server and thinking to upgrade the agent before the server is on a newer version.

Also that specific patch could have originally been made unavailable if it was included in a later Service Pack, and judging by the answer in this post it would have been around the time of Service Pack 1:

https://vox.veritas.com/t5/Backup-Exec/Vulnerability-CVE-2005-2611-found-by-Foundstone-in-client-12-...

As 12.5 got to Service Pack 4, you may already have the correct patch within a service pack - so assuming you do have 12.5 on your server, what Service Pack do you have installed and if it is greater than SP1 then it would appear that all you need to do is push install the agent from the server to the remote system.

If you do consider moving to the latest version (20.3), advice and info (best practices etc.) is available here:

https://www.veritas.com/content/support/en_US/article.100044372.html

I have checked our version of BE, and it has SP4 installed, and Hotfix 358478. I have pushed the agent again to ONE client to test it out, and the security scan still picks up the security hole mentioned above in the two links. Is there documentation stating that SP4 fixes Hotfix 314380 for 12.5?

I have not yet removed the agent and pushed it again. We can't upgrade the BE version right now because of hardware and software limitations.

You guys don't have those hotfixes stored in an archive somewhere?

Colin_Weaver
Moderator
Employee Accredited Certified

Hotfix 314380 would definitely have been included in all the later Service Packs for BE 12.5, and in fact there is no point in us re-issuing the hotfix installation file (even if we could), as it will not install over Service Pack 4 anyway.

If your vulnerability checker is still showing a problem, then you will need to get onto a newer BE version (unless it is warning you about the vulnerability but not able to validate that you already have the fix)

OK, thanks.

I have removed the Remote Agents and re-pushed them from BE 12.5 rev 2213 with the SP4 update, and will have to have it scanned again to see if that passes the vulnerability test... If not, what options do we have?

Yes, we are NOT using Remote Agent 10.0.5484 (autofill filled that in, I wasn't aware). Do we have a higher version of 10.0.5484 that would work with BE 12.5 rev 2213?

Colin_Weaver
Moderator
Employee Accredited Certified

OK, so I think you need some product history.

10.0.5484 is the first version of Backup Exec 10D and was released in 2005.

12.5.2213 is Backup Exec 12.5 and was released in 2008, but is actually the 6th version after 10.0.5484 (hence the agents for 10D might work with 12.5 but are really old and should not be used with 12.5; 12.5 agents will not work at all with 10.0.5484, as while we do offer backward compatibility, that would count as forward compatibility). If you do not have 10.0 in your environment and this was a mistake in your initial post, then anything to do with an even older version is not an option.

After 12.5 we released three 2010 versions, 2012, 2014, 15, 16 and 20.x. Which means not only is 12.5 itself 10 years old, but it has also been replaced by 8 newer versions (and that count does not include service packs); as such, not only do we no longer support 12.5, but we discontinued developing patches for it some time ago. If you already have SP4 installed on 12.5 then there is no further update and nothing you can achieve with that version, and you will need a newer version of Backup Exec (which will have a cost).

As I previously stated - if you have concerns about security vulnerabilities then in no way does 12.5 have updates for anything recent, so really your best option is to invest in newer software. Unfortunately the latest Backup Exec versions do not support older operating systems or applications (anything 32-bit for starters), but then anything too old for Backup Exec to support probably also has a huge number of potential security vulnerabilities; as such you may need to invest in more than just an update to the backup software (and should carefully check compatibility lists).

At this current time I doubt you have any options that do not have a significant cost to them (but then how much is your data worth if you lost it all?).