CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6405
https://notcve.org/view.php?id=CVE-2017-6405
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Hostname-based security is open to DNS spoofing. Se ha descubierto un problema en Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y versiones anteriores. La seguridad basada en nombre de host está abierta a la suplantación de DNS. • http://www.securityfocus.com/bid/96488 https://www.veritas.com/content/support/en_US/security/VTS17-003.html#Issue7 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6399
https://notcve.org/view.php?id=CVE-2017-6399
An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged remote command execution on NetBackup Server and Client (on the server or a connected client) can occur. Se ha descubierto un problema en Veritas NetBackup en versiones anteriores a 7.7.2 y NetBackup Appliance en versiones anteriores a 2.7.2. Puede ocurrir la ejecución remota privilegiada de comandos en NetBackup Server y Client (en el servidor o en un cliente conectado). • http://www.securityfocus.com/bid/96490 https://www.veritas.com/content/support/en_US/security/VTS17-003.html#Issue4 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6404
https://notcve.org/view.php?id=CVE-2017-6404
An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. There are world-writable log files, allowing destruction or spoofing of log data. Se ha descubierto un problema en Veritas NetBackup en versiones anteriores a 7.7 y NetBackup Appliance en versiones anteriores a 2.7. Existen archivos de registro de escritura universal, permitiendo la destrucción o suplantación de datos de registro. • http://www.securityfocus.com/bid/96494 https://www.veritas.com/content/support/en_US/security/VTS17-003.html#Issue9 • CWE-276: Incorrect Default Permissions •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6403
https://notcve.org/view.php?id=CVE-2017-6403
An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a hardcoded username and password. Se ha descubierto un problema en Veritas NetBackup en versiones anteriores a 8.0 y NetBackup Appliance en versiones anteriores a 3.0. NetBackup Cloud Storage Service utiliza un nombre de usuario y contraseña codificados. • http://www.securityfocus.com/bid/96500 https://www.veritas.com/content/support/en_US/security/VTS17-003.html#Issue10 • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6406
https://notcve.org/view.php?id=CVE-2017-6406
An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Arbitrary privileged command execution, using whitelist directory escape with "../" substrings, can occur. Se ha descubierto un problema en Veritas NetBackup en versiones anteriores a 7.7.2 y NetBackup Appliance en versiones anteriores a 2.7.2. Puede ocurrir la ejecución arbitraria de comandos privilegiados, usando el escape del directorio de lista blanca con subcadenas "../". • http://www.securityfocus.com/bid/96486 https://www.veritas.com/content/support/en_US/security/VTS17-003.html#Issue5 •