CVE-2017-8895

Veritas/Symantec Backup Exec - SSL NDMP Connection Use-After-Free

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. An unauthenticated attacker can use this vulnerability to crash the agent or potentially take control of the agent process and then the system it is running on.

En Veritas Backup Exec 2014 anteriores a la compilación 14.1.1187.1126, 15 anteriores a la compilación 14.2.1180.3160, y 16 anteriores a FP1, hay una vulnerabilidad de uso después de la liberación en varios agentes que puede dar lugar a una denegación de servicio o ejecución remota de código. Un atacante autenticado puede utilizar esta vulnerabilidad para terminar abruptamente el agente o potencialmente tomar el control del proceso del agente y posteriormente del sistema en el que se está ejecutando

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-05-10 CVE Reserved
2017-05-10 CVE Published
2024-08-05 CVE Updated
2024-08-05 First Exploit
2024-11-22 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-416: Use After Free

CAPEC

References (4)

URL	Tag	Source
http://www.securityfocus.com/bid/98386	Third Party Advisory
http://www.securitytracker.com/id/1038561	Third Party Advisory

URL	Date	SRC
https://www.exploit-db.com/exploits/42282	2024-08-05

URL	Date	SRC
https://www.veritas.com/content/support/en_US/security/VTS17-006.html#Issue1	2021-08-12

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Veritas Search vendor "Veritas"		Backup Exec Search vendor "Veritas" for product "Backup Exec"				< 14.1.1786.1126 Search vendor "Veritas" for product "Backup Exec" and version " < 14.1.1786.1126"		-		Affected
Veritas Search vendor "Veritas"		Backup Exec Search vendor "Veritas" for product "Backup Exec"				< 14.2.1180.3160 Search vendor "Veritas" for product "Backup Exec" and version " < 14.2.1180.3160"		-		Affected
Veritas Search vendor "Veritas"		Backup Exec Search vendor "Veritas" for product "Backup Exec"				< 16.0.1142.1327 Search vendor "Veritas" for product "Backup Exec" and version " < 16.0.1142.1327"		-		Affected