Netbackup Security Vulnerabilities and Issues — Netbackup CVE List

Lucene search

VeritasNetbackup

11 matches found

CVE•added 2017/03/02 6:59 a.m.•55 views

CVE-2017-6403

An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a hardcoded username and password.

9.8CVSS9.3AI score0.0246EPSS

CVE•added 2017/03/02 6:59 a.m.•52 views

CVE-2017-6400

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged command execution on NetBackup Server and Client can occur (on the local system).

8.8CVSS8.9AI score0.00068EPSS

CVE•added 2017/03/02 6:59 a.m.•52 views

CVE-2017-6401

An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur when using bpcd and bpnbat.

7.8CVSS8.4AI score0.00047EPSS

CVE•added 2017/03/02 6:59 a.m.•51 views

CVE-2017-6402

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Denial of service affecting NetBackup server can occur.

6.5CVSS7AI score0.00426EPSS

CVE•added 2017/03/02 6:59 a.m.•50 views

CVE-2017-6406

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Arbitrary privileged command execution, using whitelist directory escape with "../" substrings, can occur.

8.8CVSS9AI score0.00068EPSS

CVE•added 2017/03/02 6:59 a.m.•50 views

CVE-2017-6409

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Unauthenticated CORBA interfaces permit inappropriate access.

9.8CVSS9.3AI score0.00528EPSS

CVE•added 2017/03/02 6:59 a.m.•49 views

CVE-2017-6405

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Hostname-based security is open to DNS spoofing.

7.5CVSS7.9AI score0.00195EPSS

CVE•added 2017/03/02 6:59 a.m.•49 views

CVE-2017-6407

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged remote command execution on NetBackup Server and Client (on the server or a connected client) can occur.

8.8CVSS9.1AI score0.00241EPSS

CVE•added 2017/03/02 6:59 a.m.•48 views

CVE-2017-6399

8.8CVSS9.1AI score0.00344EPSS

CVE•added 2017/03/02 6:59 a.m.•45 views

CVE-2017-6408

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects to a socket before permissions are secured.

7CVSS7.2AI score0.00032EPSS

CVE•added 2017/03/02 6:59 a.m.•38 views

CVE-2017-6404

An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. There are world-writable log files, allowing destruction or spoofing of log data.

5.5CVSS6.4AI score0.00047EPSS