CVE-2023-37237
https://notcve.org/view.php?id=CVE-2023-37237
In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH. • https://www.veritas.com/content/support/en_US/security/VTS23-004 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2019-9868
https://notcve.org/view.php?id=CVE-2019-9868
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator. Se ha descubierto un problema en Web Console en Veritas NetBackup Appliance hasta la versión 3.1.2. La contraseña SMTP se muestra a un administrador. • http://www.securityfocus.com/bid/107567 https://www.veritas.com/content/support/en_US/security/VTS19-001.html#Issue1 • CWE-522: Insufficiently Protected Credentials •
CVE-2019-9867
https://notcve.org/view.php?id=CVE-2019-9867
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator. Se ha descubierto un problema en Web Console en Veritas NetBackup Appliance hasta la versión 3.1.2. La contraseña del servidor proxy se muestra a un administrador. • http://www.securityfocus.com/bid/107567 https://www.veritas.com/content/support/en_US/security/VTS19-001.html#Issue2 • CWE-522: Insufficiently Protected Credentials •
CVE-2018-18652
https://notcve.org/view.php?id=CVE-2018-18652
A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input. Una vulnerabilidad de ejecución remota de comandos en Veritas NetBackup Appliance en versiones anteriores a la 3.1.2 permite que administradores autenticados ejecuten comandos arbitrarios como root. El problema viene provocado por el filtrado insuficiente de entradas proporcionadas por el usuario. • http://www.securityfocus.com/bid/105737 https://www.veritas.com/content/support/en_US/security/VTS18-003.html •
CVE-2017-8858
https://notcve.org/view.php?id=CVE-2017-8858
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. En Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y anteriores, existe una escritura con privilegios remota de archivos no autenticada utilizando el proceso 'bprd'. • http://www.securityfocus.com/bid/98381 https://www.veritas.com/content/support/en_US/security/VTS17-004.html#Issue3 • CWE-732: Incorrect Permission Assignment for Critical Resource •