2 matches found
Veritas NetBackup Appliance 2.7.x / 3.0.x Remote Command Execution (VTS17-005)
According to its self-reported version, the remote Veritas NetBackup Appliance is 2.7.x or 3.0.x, and may be missing a vendor-supplied security patch. It is, therefore, affected by a remote command execution vulnerability due to improper validation of user-supplied input. An unauthenticated, remo...
CVE-2017-8859
Veritas NetBackup Appliance 2.7.x and 3.0.x are affected by a remote command execution vulnerability. An unauthenticated attacker can issue a crafted GET request (via /appliancews/getLicense with a hostName parameter) to execute arbitrary commands as root due to improper input validation. Nessus ...