Vulnerabilities > Veritas > Netbackup Appliance > 2.6.0.3

DATE CVE VULNERABILITY TITLE RISK
2019-03-21 CVE-2019-9868 Insufficiently Protected Credentials vulnerability in Veritas Netbackup Appliance
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2.
network
low complexity
veritas CWE-522
4.0
4.0
2019-03-21 CVE-2019-9867 Insufficiently Protected Credentials vulnerability in Veritas Netbackup Appliance
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2.
network
low complexity
veritas CWE-522
4.0
4.0
2018-10-25 CVE-2018-18652 Unspecified vulnerability in Veritas Netbackup Appliance
A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root.
network
low complexity
veritas
critical
 9.0
9.0
2017-05-09 CVE-2017-8859 Arbitrary Command Execution vulnerability in Veritas NetBackup Appliance
In Veritas NetBackup Appliance 3.0 and earlier, unauthenticated users can execute arbitrary commands as root.
network
low complexity
veritas
critical
 10.0
10
2017-05-09 CVE-2017-8858 Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process.
network
low complexity
veritas CWE-732
critical
 10.0
10
2017-05-09 CVE-2017-8857 Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process.
network
low complexity
veritas CWE-732
critical
 10.0
10
2017-05-09 CVE-2017-8856 Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process.
network
low complexity
veritas CWE-732
7.5
7.5
2017-03-02 CVE-2017-6409 Missing Authentication for Critical Function vulnerability in Veritas Netbackup and Netbackup Appliance
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier.
network
low complexity
veritas CWE-306
7.5
7.5
2017-03-02 CVE-2017-6408 Race Condition vulnerability in Veritas Netbackup and Netbackup Appliance
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. 		4.4
4.4
2017-03-02 CVE-2017-6407 Unspecified vulnerability in Veritas Netbackup and Netbackup Appliance
An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2.
local
low complexity
veritas
7.2
7.2