CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-37237
https://notcve.org/view.php?id=CVE-2023-37237
29 Jun 2023 — In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH. • https://www.veritas.com/content/support/en_US/security/VTS23-004 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9868
https://notcve.org/view.php?id=CVE-2019-9868
19 Mar 2019 — An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator. Se ha descubierto un problema en Web Console en Veritas NetBackup Appliance hasta la versión 3.1.2. La contraseña SMTP se muestra a un administrador. • http://www.securityfocus.com/bid/107567 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9867
https://notcve.org/view.php?id=CVE-2019-9867
19 Mar 2019 — An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator. Se ha descubierto un problema en Web Console en Veritas NetBackup Appliance hasta la versión 3.1.2. La contraseña del servidor proxy se muestra a un administrador. • http://www.securityfocus.com/bid/107567 • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.0EPSS: 1%CPEs: 1EXPL: 0CVE-2018-18652
https://notcve.org/view.php?id=CVE-2018-18652
25 Oct 2018 — A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input. Una vulnerabilidad de ejecución remota de comandos en Veritas NetBackup Appliance en versiones anteriores a la 3.1.2 permite que administradores autenticados ejecuten comandos arbitrarios como root. El problema viene provocado por el filtrado insuficiente de entradas proporcionad... • http://www.securityfocus.com/bid/105737 •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2017-8856
https://notcve.org/view.php?id=CVE-2017-8856
09 May 2017 — In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. En Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y versiones anteriores, hay una ejecución de comandos remotos arbitrarios no autenticados utilizando el proceso 'bprd'. • http://www.securityfocus.com/bid/98379 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 0CVE-2017-8857
https://notcve.org/view.php?id=CVE-2017-8857
09 May 2017 — In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process. Veritas NetBackup 8.0 y anteriores y NetBackup Appliance 3.0 y anteriores están afectadas por una copia de archivos sin autenticación y ejecución de comandos de forma arbitraria a través del proceso 'bprd'. • http://www.securityfocus.com/bid/98384 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2017-8858
https://notcve.org/view.php?id=CVE-2017-8858
09 May 2017 — In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. En Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y anteriores, existe una escritura con privilegios remota de archivos no autenticada utilizando el proceso 'bprd'. • http://www.securityfocus.com/bid/98381 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2017-8859
https://notcve.org/view.php?id=CVE-2017-8859
09 May 2017 — In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root. En Veritas NetBackup Appliance 3.0 y anteriores, los usuarios no autenticados pueden ejecutar comandos arbitrarios como root. • http://www.securityfocus.com/bid/98383 •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6408
https://notcve.org/view.php?id=CVE-2017-6408
02 Mar 2017 — An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects to a socket before permissions are secured. Se ha descubierto un problema en Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y versiones anteriores. Puede ocurrir una condición de carrera de escalada de privilegios locales en pbx_exchange cuando un usuario local se conecta a un socket ante... • http://www.securityfocus.com/bid/96491 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6399
https://notcve.org/view.php?id=CVE-2017-6399
02 Mar 2017 — An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged remote command execution on NetBackup Server and Client (on the server or a connected client) can occur. Se ha descubierto un problema en Veritas NetBackup en versiones anteriores a 7.7.2 y NetBackup Appliance en versiones anteriores a 2.7.2. Puede ocurrir la ejecución remota privilegiada de comandos en NetBackup Server y Client (en el servidor o en un cliente conectado). • http://www.securityfocus.com/bid/96490 •