CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-37237
https://notcve.org/view.php?id=CVE-2023-37237
In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH. • https://www.veritas.com/content/support/en_US/security/VTS23-004 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9868
https://notcve.org/view.php?id=CVE-2019-9868
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator. Se ha descubierto un problema en Web Console en Veritas NetBackup Appliance hasta la versión 3.1.2. La contraseña SMTP se muestra a un administrador. • http://www.securityfocus.com/bid/107567 https://www.veritas.com/content/support/en_US/security/VTS19-001.html#Issue1 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9867
https://notcve.org/view.php?id=CVE-2019-9867
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator. Se ha descubierto un problema en Web Console en Veritas NetBackup Appliance hasta la versión 3.1.2. La contraseña del servidor proxy se muestra a un administrador. • http://www.securityfocus.com/bid/107567 https://www.veritas.com/content/support/en_US/security/VTS19-001.html#Issue2 • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2018-18652
https://notcve.org/view.php?id=CVE-2018-18652
A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input. Una vulnerabilidad de ejecución remota de comandos en Veritas NetBackup Appliance en versiones anteriores a la 3.1.2 permite que administradores autenticados ejecuten comandos arbitrarios como root. El problema viene provocado por el filtrado insuficiente de entradas proporcionadas por el usuario. • http://www.securityfocus.com/bid/105737 https://www.veritas.com/content/support/en_US/security/VTS18-003.html •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8856
https://notcve.org/view.php?id=CVE-2017-8856
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process. En Veritas NetBackup 8.0 y versiones anteriores y NetBackup Appliance 3.0 y versiones anteriores, hay una ejecución de comandos remotos arbitrarios no autenticados utilizando el proceso 'bprd'. • http://www.securityfocus.com/bid/98379 https://www.veritas.com/content/support/en_US/security/VTS17-004.html#Issue1 • CWE-732: Incorrect Permission Assignment for Critical Resource •