2 matches found
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup Get method requests. The issue results from...
CVE-2017-17422
CVE-2017-17422 affects Quest NetVault Backup before 11.4.5 (specifically 11.3.0.12 in the initial data) and is triggered via the NVBUBackup Get method. The root cause is insufficient validation of a user-supplied string used to construct SQL queries, enabling remote code execution in the context ...