Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Netbackup
(Veritas)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 63 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-06 | CVE-2020-36169 | An issue was discovered in Veritas NetBackup through 8.3.0.1 and OpsCenter through 8.3.0.1. Processes using OpenSSL attempt to load and execute libraries from paths that do not exist by default on the Windows operating system. By default, on Windows systems, users can create directories under the top level of any drive. If a low privileged user creates an affected path with a library that the Veritas product attempts to load, they can execute arbitrary code as SYSTEM or Administrator. This... | Netbackup, Opscenter | 8.8 | ||
| 2021-01-06 | CVE-2020-36163 | An issue was discovered in Veritas NetBackup and OpsCenter through 8.3.0.1. NetBackup processes using Strawberry Perl attempt to load and execute libraries from paths that do not exist by default on the Windows operating system. By default, on Windows systems, users can create directories under C:\. If a low privileged user on the Windows system creates an affected path with a library that NetBackup attempts to load, they can execute arbitrary code as SYSTEM or Administrator. This gives the... | Netbackup, Opscenter | 8.8 | ||
| 2017-03-02 | CVE-2017-6409 | An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Unauthenticated CORBA interfaces permit inappropriate access. | Netbackup, Netbackup_appliance | 9.8 | ||
| 2017-03-02 | CVE-2017-6408 | An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbx_exchange can occur when a local user connects to a socket before permissions are secured. | Netbackup, Netbackup_appliance | 7.0 | ||
| 2017-03-02 | CVE-2017-6407 | An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged remote command execution on NetBackup Server and Client (on the server or a connected client) can occur. | Netbackup, Netbackup_appliance | 8.8 | ||
| 2017-03-02 | CVE-2017-6406 | An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Arbitrary privileged command execution, using whitelist directory escape with "../" substrings, can occur. | Access, Netbackup, Netbackup_appliance | 8.8 | ||
| 2017-03-02 | CVE-2017-6405 | An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Hostname-based security is open to DNS spoofing. | Netbackup, Netbackup_appliance | 7.5 | ||
| 2017-03-02 | CVE-2017-6404 | An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. There are world-writable log files, allowing destruction or spoofing of log data. | Netbackup, Netbackup_appliance | 5.5 | ||
| 2017-03-02 | CVE-2017-6402 | An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Denial of service affecting NetBackup server can occur. | Netbackup, Netbackup_appliance | 6.5 | ||
| 2017-03-02 | CVE-2017-6401 | An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur when using bpcd and bpnbat. | Netbackup, Netbackup_appliance | 7.8 |