Remote Command Execution Vulnerability in Veritas NetBackup Products
CVE-2017-6399

8.8HIGH

Key Information:

Vendor: Veritas
Status: Netbackup Appliance; Netbackup; Access
Vendor: CVE Published:; 2 March 2017

Summary

A security issue was identified in Veritas NetBackup products, allowing an attacker to execute commands remotely with elevated privileges. This vulnerability affects both the NetBackup Server and connected clients, enabling unauthorized access to sensitive components of the system if exploited. Organizations using versions prior to 7.7.2 for NetBackup and 2.7.2 for NetBackup Appliance should take immediate action to mitigate potential threats and secure their environments.

References

http://www.securityfocus.com/bid/96490

vdb-entryx_refsource_BID

https://www.veritas.com/content/support/en_US/security/VT...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Mar 2, 2017
Vulnerability Reserved
Mar 1, 2017