Command injection

2017-03-0206:59:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Arbitrary privileged command execution, using whitelist directory escape with “…/” substrings, can occur.

CPENameOperatorVersion
accessle7.2.1
netbackuple7.7.1
netbackup_appliancele2.7.1

Name	Operator	Version
access	le	7.2.1
netbackup	le	7.7.1
netbackup_appliance	le	2.7.1

References

www.securityfocus.com/bid/96486

www.veritas.com/content/support/en_US/security/VTS17-003.html