CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6403
https://notcve.org/view.php?id=CVE-2017-6403
An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a hardcoded username and password. Se ha descubierto un problema en Veritas NetBackup en versiones anteriores a 8.0 y NetBackup Appliance en versiones anteriores a 3.0. NetBackup Cloud Storage Service utiliza un nombre de usuario y contraseña codificados. • http://www.securityfocus.com/bid/96500 https://www.veritas.com/content/support/en_US/security/VTS17-003.html#Issue10 • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6406
https://notcve.org/view.php?id=CVE-2017-6406
An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Arbitrary privileged command execution, using whitelist directory escape with "../" substrings, can occur. Se ha descubierto un problema en Veritas NetBackup en versiones anteriores a 7.7.2 y NetBackup Appliance en versiones anteriores a 2.7.2. Puede ocurrir la ejecución arbitraria de comandos privilegiados, usando el escape del directorio de lista blanca con subcadenas "../". • http://www.securityfocus.com/bid/96486 https://www.veritas.com/content/support/en_US/security/VTS17-003.html#Issue5 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6402
https://notcve.org/view.php?id=CVE-2017-6402
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Denial of service affecting NetBackup server can occur. Se ha descubierto un problema en Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y versiones anteriores. Puede ocurrir la denegación de servicio que afecte al servidor NetBackup. • http://www.securityfocus.com/bid/96485 https://www.veritas.com/content/support/en_US/security/VTS17-003.html#Issue3 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6401
https://notcve.org/view.php?id=CVE-2017-6401
An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur when using bpcd and bpnbat. Se ha descubierto un problema en Veritas NetBackup en versiones anteriores a 8.0 y NetBackup Appliance en versiones anteriores a 3.0. Puede ocurrir ejecución local arbitraria de comandos cuando se utiliza bpcd y bpnbat. • http://www.securityfocus.com/bid/96493 https://www.veritas.com/content/support/en_US/security/VTS17-003.html#Issue6 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 1%CPEs: 13EXPL: 0CVE-2016-7399
https://notcve.org/view.php?id=CVE-2016-7399
scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense. scripts/license.pl en Veritas NetBackup Appliance 2.6.0.x hasta la versión 2.6.0.4, 2.6.1.x hasta la versión 2.6.1.2, 2.7.x hasta la versión 2.7.3 y 3.0.x permiten a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en el parámetro hostName a appliancews/getLicense. • http://www.sec-1.com/blog/2016/veritas-netbackup-appliance-unauthenticated-remote-command-execution http://www.securityfocus.com/bid/94384 http://www.securitytracker.com/id/1037555 https://www.veritas.com/content/support/en_US/security/VTS16-002.html https://www.veritas.com/support/en_US/article.000116055 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •