CVE-2017-8859 - Arbitrary Command Execution vulnerability in Veritas NetBackup Appliance

CVSS 10.0 - CRITICAL
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: COMPLETE
Integrity impact: COMPLETE
Availability impact: COMPLETE

Tags: network, low complexity, veritas, critical, nessus

Summary

In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root.

Nessus

  • NASL family: CGI abuses
    NASL id: VERITAS_NETBACKUP_APPLIANCE_VTS17-005.NASL
    description: According to its self-reported version, the remote Veritas NetBackup Appliance is 2.7.x or 3.0.x, and may be missing a vendor-supplied security patch. It is, therefore, affected by a remote command execution vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to execute arbitrary commands with root privileges. Note that Nessus has not checked to see if an available Emergency Engineering Binary (EEB) was applied.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 100273
    published: 2017-05-18
    reporter: This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/100273
    title: Veritas NetBackup Appliance 2.7.x / 3.0.x Remote Command Execution (VTS17-005)
  • NASL family: CGI abuses
    NASL id: VERITAS_NETBACKUP_APPLIANCE_VTS17-005_EXPLOIT.NASL
    description: The remote Veritas NetBackup Appliance is affected by a remote command execution vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted GET request, to execute arbitrary commands with root privileges. Nessus was able to exploit the vulnerability by sending a GET request to /appliancews/getLicense with the command
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 101301
    published: 2017-05-22
    reporter: This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/101301
    title: Veritas NetBackup Appliance 2.7.x / 3.0.x Remote Command Execution (VTS17-005) (exploit)