Main Vulnerability Database SB2017051025

SB2017051025 - Input validation error in NetBackup Appliance

Published: May 10, 2017 Updated: August 8, 2020

Security Bulletin ID SB2017051025

Severity

High

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2017-8859)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root.

Install update from vendor's website.