CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-36169
https://notcve.org/view.php?id=CVE-2020-36169
06 Jan 2021 — An issue was discovered in Veritas NetBackup through 8.3.0.1 and OpsCenter through 8.3.0.1. Processes using OpenSSL attempt to load and execute libraries from paths that do not exist by default on the Windows operating system. By default, on Windows systems, users can create directories under the top level of any drive. If a low privileged user creates an affected path with a library that the Veritas product attempts to load, they can execute arbitrary code as SYSTEM or Administrator. This gives the attacke... • https://www.veritas.com/content/support/en_US/security/VTS20-016#Issue1 •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2017-8856
https://notcve.org/view.php?id=CVE-2017-8856
09 May 2017 — In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. En Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y versiones anteriores, hay una ejecución de comandos remotos arbitrarios no autenticados utilizando el proceso 'bprd'. • http://www.securityfocus.com/bid/98379 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 0CVE-2017-8857
https://notcve.org/view.php?id=CVE-2017-8857
09 May 2017 — In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. Veritas NetBackup 8.0 y anteriores y NetBackup Appliance 3.0 y anteriores están afectadas por una copia de archivos sin autenticación y ejecución de comandos de forma arbitraria a través del proceso 'bprd'. • http://www.securityfocus.com/bid/98384 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2017-8858
https://notcve.org/view.php?id=CVE-2017-8858
09 May 2017 — In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. En Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y anteriores, existe una escritura con privilegios remota de archivos no autenticada utilizando el proceso 'bprd'. • http://www.securityfocus.com/bid/98381 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6402
https://notcve.org/view.php?id=CVE-2017-6402
02 Mar 2017 — An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Denial of service affecting NetBackup server can occur. Se ha descubierto un problema en Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y versiones anteriores. Puede ocurrir la denegación de servicio que afecte al servidor NetBackup. • http://www.securityfocus.com/bid/96485 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6401
https://notcve.org/view.php?id=CVE-2017-6401
02 Mar 2017 — An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur when using bpcd and bpnbat. Se ha descubierto un problema en Veritas NetBackup en versiones anteriores a 8.0 y NetBackup Appliance en versiones anteriores a 3.0. Puede ocurrir ejecución local arbitraria de comandos cuando se utiliza bpcd y bpnbat. • http://www.securityfocus.com/bid/96493 • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2017-6403
https://notcve.org/view.php?id=CVE-2017-6403
02 Mar 2017 — An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a hardcoded username and password. Se ha descubierto un problema en Veritas NetBackup en versiones anteriores a 8.0 y NetBackup Appliance en versiones anteriores a 3.0. NetBackup Cloud Storage Service utiliza un nombre de usuario y contraseña codificados. • http://www.securityfocus.com/bid/96500 • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6408
https://notcve.org/view.php?id=CVE-2017-6408
02 Mar 2017 — An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects to a socket before permissions are secured. Se ha descubierto un problema en Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y versiones anteriores. Puede ocurrir una condición de carrera de escalada de privilegios locales en pbx_exchange cuando un usuario local se conecta a un socket ante... • http://www.securityfocus.com/bid/96491 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6409
https://notcve.org/view.php?id=CVE-2017-6409
02 Mar 2017 — An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Unauthenticated CORBA interfaces permit inappropriate access. Se ha descubierto un problema en Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y versiones anteriores. Interfaces CORBA no autenticadas permiten acceso inapropiado. • http://www.securityfocus.com/bid/96504 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6405
https://notcve.org/view.php?id=CVE-2017-6405
02 Mar 2017 — An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Hostname-based security is open to DNS spoofing. Se ha descubierto un problema en Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y versiones anteriores. La seguridad basada en nombre de host está abierta a la suplantación de DNS. • http://www.securityfocus.com/bid/96488 • CWE-290: Authentication Bypass by Spoofing •