Veritas: Security Vulnerabilities
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator.
CVSS Score
7.2
EPSS Score
0.012
Published
2019-03-21
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator.
CVSS Score
7.2
EPSS Score
0.013
Published
2019-03-21
A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input.
CVSS Score
7.2
EPSS Score
0.041
Published
2018-10-25
In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. An unauthenticated attacker can use this vulnerability to crash the agent or potentially take control of the agent process and then the system it is running on.
CVSS Score
9.8
EPSS Score
0.71
Published
2017-05-10
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process.
CVSS Score
9.8
EPSS Score
0.038
Published
2017-05-09
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process.
CVSS Score
9.8
EPSS Score
0.057
Published
2017-05-09
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process.
CVSS Score
9.8
EPSS Score
0.027
Published
2017-05-09
In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root.
CVSS Score
9.8
EPSS Score
0.026
Published
2017-05-09
In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed.
CVSS Score
7.8
EPSS Score
0.011
Published
2017-04-05
An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged remote command execution on NetBackup Server and Client (on the server or a connected client) can occur.
CVSS Score
8.8
EPSS Score
0.01
Published
2017-03-02