8 matches found
CVE-2017-17659
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobHistory Get method requests. The issue results...
CVE-2017-17654
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup ClientList method requests. The issue resul...
CVE-2017-17417
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Acknowledge method requests. The issue...
CVE-2017-17419
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUTransferHistory Get method requests. The issue...
CVE-2017-17416
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus GetPlugins method requests. The issue...
CVE-2017-17421
CVE-2017-17421 affects Quest NetVault Backup (notably 11.3.0.12); a SQL injection in NVBUSelectionSet Get requests allows remote code execution with no authentication. Root cause: improper validation of a user-supplied string used to build SQL queries. Documents indicate potential exploit paths a...
CVE-2017-17655
The CVE concerns Quest NetVault Backup (11.3.0.12). The vulnerability is a SQL injection in the NVBUBackup PluginList request handling, caused by improper validation of a user-supplied string used to construct SQL queries. This enables remote code execution in the context of the underlying databa...
CVE-2017-17419
Quest NetVault Backup 11.3.0.12 is affected by a remote SQL injection in NVBUTransferHistory Get requests due to improper validation of a user-supplied string used to build SQL queries. This can allow an attacker to execute arbitrary code in the context of the underlying database without authenti...