RSS   Vulnerabilities for 'Netbackup appliance'   RSS

2019-03-21
 
CVE-2019-9868

CWE-255
 

 
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator.

 
 
CVE-2019-9867

CWE-255
 

 
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator.

 
2018-10-25
 
CVE-2018-18652

CWE-20
 

 
A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input.

 
2017-05-09
 
CVE-2017-8859

CWE-noinfo
 

 
In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root.

 
 
CVE-2017-8858

CWE-732
 

 
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process.

 
 
CVE-2017-8857

CWE-732
 

 
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process.

 
 
CVE-2017-8856

CWE-732
 

 
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process.

 
2017-03-02
 
CVE-2017-6409

CWE-306
 

 
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Unauthenticated CORBA interfaces permit inappropriate access.

 
 
CVE-2017-6408

CWE-362
 

 
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects to a socket before permissions are secured.

 
 
CVE-2017-6407

CWE-noinfo
 

 
An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged remote command execution on NetBackup Server and Client (on the server or a connected client) can occur.

 


Copyright 2020, cxsecurity.com

 

Back to Top