23 results (0.004 seconds)

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH. • https://www.veritas.com/content/support/en_US/security/VTS23-004 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator. Se ha descubierto un problema en Web Console en Veritas NetBackup Appliance hasta la versión 3.1.2. La contraseña SMTP se muestra a un administrador. • http://www.securityfocus.com/bid/107567 https://www.veritas.com/content/support/en_US/security/VTS19-001.html#Issue1 • CWE-522: Insufficiently Protected Credentials •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator. Se ha descubierto un problema en Web Console en Veritas NetBackup Appliance hasta la versión 3.1.2. La contraseña del servidor proxy se muestra a un administrador. • http://www.securityfocus.com/bid/107567 https://www.veritas.com/content/support/en_US/security/VTS19-001.html#Issue2 • CWE-522: Insufficiently Protected Credentials •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input. Una vulnerabilidad de ejecución remota de comandos en Veritas NetBackup Appliance en versiones anteriores a la 3.1.2 permite que administradores autenticados ejecuten comandos arbitrarios como root. El problema viene provocado por el filtrado insuficiente de entradas proporcionadas por el usuario. • http://www.securityfocus.com/bid/105737 https://www.veritas.com/content/support/en_US/security/VTS18-003.html •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. Veritas NetBackup 8.0 y anteriores y NetBackup Appliance 3.0 y anteriores están afectadas por una copia de archivos sin autenticación y ejecución de comandos de forma arbitraria a través del proceso 'bprd'. • http://www.securityfocus.com/bid/98384 https://www.veritas.com/content/support/en_US/security/VTS17-004.html#Issue2 • CWE-732: Incorrect Permission Assignment for Critical Resource •