Vulnerability fixed in Veritas NetBackup

Symantec has fixed a vulnerability in Veritas NetBackup. The vulnerability is located the BPCD process and allows an unauthenticated malicious person to upload and execute with permissions from the backup process. No CVE ID has been disclosed for this vulnerability yet. Symantec has released...

CVE-2023-37237

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH...

CVE-2023-37237

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH...

CVE-2023-37237

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH...

Design/Logic Flaw

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH...

CVE-2023-37237

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH...

CVE-2023-37237

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH...

Veritas Technologies Veritas NetBackup 安全漏洞

Veritas Technologies Veritas NetBackup is a powerful enterprise-class data backup management software from Veritas Technologies, USA. A security vulnerability exists in the Veritas NetBackup Appliance prior to version 4.1.0.1 MR3, which stems from an insecure privilege setting that could allow an...

PT-2023-25845 · Veritas · Veritas Netbackup Appliance

Name of the Vulnerable Software and Affected Versions: Veritas NetBackup Appliance versions prior to 4.1.0.1 MR3 Description: The issue allows an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH due to insecure permissions. Recommendations:...

CVE-2023-37237

The CVE-2023-37237 issue affects Veritas NetBackup Appliance software prior to 4.1.0.1 MR3. Insecure permissions allow an authenticated Admin to bypass shell restrictions and execute arbitrary OS commands via SSH. Root cause: insecure permissions on the appliance environment. Impact: potential fu...

Veritas NetBackup prior to 10.0 Privilege Escalation (VTS23-006)

The Veritas NetBackup application installed on the remote Windows host is prior to 10.0 or is missing a vendor-supplied security hotfix. It is, therefore, affected by privilege escalation vulnerability. An issue was discovered in Veritas NetBackup before 10.0. A vulnerability in the way NetBackup...

Veritas NetBackup prior to 10.0 Privilege Escalation (VTS22-010#M2) (deprecated)

CVE-2023-28759 was part of VTS22-010M2 but is not any longer. It now appears on its own separate advisory, VTS23-006. A plugin for that advisory has replaced this one. %NASLMINLEVEL 80900 C Tenable, Inc. @DEPRECATED@ Disabled on 2022/05/12. Deprecated by veritasnetbackupVTS23-006.nasl...

Veritas NetBackup < 8.3 Multiple Vulnerabilities (VTS22-010)

The Veritas NetBackup application installed on the remote Windows host is prior to 8.3 and may be missing a vendor-supplied security hotfix. It is, therefore, affected by multiple vulnerabilities: - An attacker with local access can send a crafted packet to pbxexchange during registration and cau...

CVE-2023-26789

Veritas NetBackUp OpsCenter Version 9.1.0.1 is vulnerable to Reflected Cross-site scripting XSS. The Web App fails to adequately sanitize special characters. By leveraging this issue, an attacker is able to cause arbitrary HTML and JavaScript code to be executed in a user's browser...

CVE-2023-26789

Veritas NetBackUp OpsCenter Version 9.1.0.1 is vulnerable to Reflected Cross-site scripting XSS. The Web App fails to adequately sanitize special characters. By leveraging this issue, an attacker is able to cause arbitrary HTML and JavaScript code to be executed in a user's browser...

Cross site scripting

Veritas NetBackUp OpsCenter Version 9.1.0.1 is vulnerable to Reflected Cross-site scripting XSS. The Web App fails to adequately sanitize special characters. By leveraging this issue, an attacker is able to cause arbitrary HTML and JavaScript code to be executed in a user's browser...

CVE-2023-26789

CVE-2023-26789 affects Veritas NetBackUp OpsCenter 9.1.0.1. The vulnerability is a reflected Cross-Site Scripting (XSS) flaw caused by inadequate sanitization of special characters in the Web App, allowing an attacker to cause arbitrary HTML/JavaScript execution in a user’s browser. The documente...

Veritas NetBackUp OpsCenter 跨站脚本漏洞

Veritas Technologies Veritas NetBackup is a powerful enterprise-class data backup management software from Veritas Technologies, USA. A security vulnerability exists in Veritas NetBackUp OpsCenter version 9.1.0.1, which stems from not adequately cleaning up special characters. An attacker could...

CVE-2023-26789

Veritas NetBackUp OpsCenter Version 9.1.0.1 is vulnerable to Reflected Cross-site scripting XSS. The Web App fails to adequately sanitize special characters. By leveraging this issue, an attacker is able to cause arbitrary HTML and JavaScript code to be executed in a user's browser...

CVE-2023-26789

Veritas NetBackUp OpsCenter Version 9.1.0.1 is vulnerable to Reflected Cross-site scripting XSS. The Web App fails to adequately sanitize special characters. By leveraging this issue, an attacker is able to cause arbitrary HTML and JavaScript code to be executed in a user's browser...