CVE-2017-8857

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process.

Published: May 9, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-8857
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-732

Affected Software
References

Software	From	Fixed in
veritas / netbackup_appliance	-	3.0.x
veritas / netbackup	-	8.0.x

http://www.securityfocus.com/bid/98384
https://www.veritas.com/content/support/en_US/security/VTS17-004.html#Issue2

Vulnerability Database

289,599

CVE-2017-8857